Submitted URL: http://www.onmsft.com/
Effective URL: https://www.onmsft.com/
Submission: On August 13 via manual from JP — Scanned from JP

Summary

This website contacted 124 IPs in 13 countries across 115 domains to perform 738 HTTP transactions. The main IP is 172.67.74.142, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.onmsft.com. The Cisco Umbrella rank of the primary domain is 238971.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 20th 2022. Valid for: a year.
This is the only time www.onmsft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 49 172.67.74.142 13335 (CLOUDFLAR...)
10 2600:9000:214... 16509 (AMAZON-02)
2 23.10.7.242 20940 (AKAMAI-ASN1)
13 89.187.162.249 60068 (CDN77 ^_^)
1 2606:4700:440... 13335 (CLOUDFLAR...)
4 2404:6800:400... 15169 (GOOGLE)
4 2600:9000:21b... 16509 (AMAZON-02)
23 23.44.53.234 20940 (AKAMAI-ASN1)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 99.84.133.99 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
1 151.139.128.11 20446 (STACKPATH...)
39 2404:6800:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 6 142.251.42.166 15169 (GOOGLE)
2 52.220.69.163 16509 (AMAZON-02)
3 2404:6800:400... 15169 (GOOGLE)
10 2600:9000:21b... 16509 (AMAZON-02)
18 2600:9000:214... 16509 (AMAZON-02)
1 130.211.23.194 15169 (GOOGLE)
1 18.208.60.216 14618 (AMAZON-AES)
20 172.217.175.66 15169 (GOOGLE)
8 13.32.52.59 16509 (AMAZON-02)
1 141.95.98.68 16276 (OVH)
1 52.74.226.158 16509 (AMAZON-02)
1 54.189.200.142 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 23.39.13.202 16625 (AKAMAI-AS)
43 13.250.192.86 16509 (AMAZON-02)
13 54.64.4.232 16509 (AMAZON-02)
12 13.229.37.224 16509 (AMAZON-02)
6 11 104.254.151.36 29990 (ASN-APPNEX)
13 2602:803:c006... 26667 (RUBICONPR...)
3 72.34.250.78 27630 (AS-XFERNET)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 9 104.18.18.126 13335 (CLOUDFLAR...)
1 54.251.169.230 16509 (AMAZON-02)
4 28 34.98.64.218 15169 (GOOGLE)
12 54.189.212.84 16509 (AMAZON-02)
3 103.231.99.77 62713 (AS-PUBMATIC)
3 34.107.148.139 15169 (GOOGLE)
3 35.213.117.18 15169 (GOOGLE)
4 52.76.200.167 16509 (AMAZON-02)
3 74.118.186.42 26120 (RHYTHMONE)
1 2 64.120.110.138 59253 (LEASEWEB-...)
5 34.149.40.38 15169 (GOOGLE)
6 193.122.130.38 31898 (ORACLE-BM...)
2 103.71.26.124 132134 (SPOTX-AS-...)
2 13.112.237.6 16509 (AMAZON-02)
1 3 2406:da18:9ea... 16509 (AMAZON-02)
3 43.250.0.199 29990 (ASN-APPNEX)
3 5 23.106.127.38 59253 (LEASEWEB-...)
2 2 18.176.162.247 16509 (AMAZON-02)
1 6 23.106.127.39 59253 (LEASEWEB-...)
1 1 185.183.112.155 60350 (VP)
1 4 35.190.60.146 15169 (GOOGLE)
2 2 23.106.69.73 59253 (LEASEWEB-...)
8 2404:6800:400... 15169 (GOOGLE)
5 2404:6800:400... 15169 (GOOGLE)
8 2404:6800:400... 15169 (GOOGLE)
9 23.44.52.240 20940 (AKAMAI-ASN1)
3 103.231.99.243 62713 (AS-PUBMATIC)
2 2620:1ec:27::... 8075 (MICROSOFT...)
1 2404:6800:400... 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
1 9 2404:6800:400... 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 35.190.59.101 15169 (GOOGLE)
2 151.101.108.157 54113 (FASTLY)
2 17 52.46.128.147 16509 (AMAZON-02)
25 2404:6800:400... 15169 (GOOGLE)
1 104.244.42.8 13414 (TWITTER)
4 2607:f8b0:400... 15169 (GOOGLE)
1 52.77.136.128 16509 (AMAZON-02)
1 3 2404:6800:400... 15169 (GOOGLE)
1 2 52.231.207.240 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
10 2404:6800:400... 15169 (GOOGLE)
1 2406:2000:9c:... 38033 (YAHOO-JP2...)
12 54.196.103.248 14618 (AMAZON-AES)
5 2404:6800:400... 15169 (GOOGLE)
2 34.120.216.28 396982 (GOOGLE-CL...)
5 142.250.207.2 15169 (GOOGLE)
2 2 202.233.84.8 131957 (MICROAD M...)
13 22 216.58.220.98 15169 (GOOGLE)
2 6 104.18.19.126 13335 (CLOUDFLAR...)
2 36 23.45.56.26 20940 (AKAMAI-ASN1)
16 23.10.15.201 20940 (AKAMAI-ASN1)
1 99.84.238.168 16509 (AMAZON-02)
2 2 2001:df2:a300... 6336 (TURN-US-ASN)
18 18 15.197.193.217 16509 (AMAZON-02)
4 4 124.146.215.46 2514 (INFOSPHER...)
2 2 13.225.173.36 16509 (AMAZON-02)
4 4 99.84.133.60 16509 (AMAZON-02)
5 20.62.48.180 8075 (MICROSOFT...)
1 74.125.204.154 15169 (GOOGLE)
7 13.251.120.7 16509 (AMAZON-02)
1 1 2600:9000:21b... 16509 (AMAZON-02)
3 2406:2600:4::b 55569 (CRITEO-AS...)
6 6 23.36.110.226 16625 (AKAMAI-AS)
3 3 198.8.71.129 54312 (ROCKETFUEL)
3 3 72.34.250.75 27630 (AS-XFERNET)
8 9 2a02:fa8:c411... 399104 (CNVR-APAC)
18 18 74.118.186.45 26120 (RHYTHMONE)
4 4 18.138.158.87 16509 (AMAZON-02)
2 2 182.161.74.16 55569 (CRITEO-AS...)
14 14 35.213.12.39 15169 (GOOGLE)
10 10 64.202.112.31 22075 (AS-OUTBRAIN)
5 5 23.10.5.240 20940 (AKAMAI-ASN1)
4 5 3.126.96.88 16509 (AMAZON-02)
4 52.55.123.47 14618 (AMAZON-AES)
4 9 54.254.33.203 16509 (AMAZON-02)
1 52.220.242.234 16509 (AMAZON-02)
1 1 199.187.193.202 47043 (SMARTADSE...)
2 2 35.71.178.8 16509 (AMAZON-02)
1 52.94.223.37 16509 (AMAZON-02)
8 10 8.39.36.142 26667 (RUBICONPR...)
2 2406:2000:a4:... 10230 (YAHOO-SG ...)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
4 5 104.254.148.251 29990 (ASN-APPNEX)
1 32 54.238.120.71 16509 (AMAZON-02)
4 4 185.84.60.30 198622 (ADFORM)
2 2 54.225.153.167 14618 (AMAZON-AES)
2 3 2406:da18:929... 16509 (AMAZON-02)
2 2 34.195.158.163 14618 (AMAZON-AES)
2 38.91.45.7 398989 (DEEPINTENT)
5 5 13.228.49.83 16509 (AMAZON-02)
2 2 74.214.196.131 19189 (PULSEPOINT)
1 2 35.186.253.211 15169 (GOOGLE)
3 3 202.131.200.84 17941 (BIT-ISLE ...)
1 1 202.131.200.82 17941 (BIT-ISLE ...)
4 4 103.229.206.240 30419 (MEDIAMATH...)
2 51.79.234.100 16276 (OVH)
1 2 44.194.177.91 14618 (AMAZON-AES)
4 4 209.191.163.208 29791 (VOXEL-DOT...)
1 1 145.40.89.200 54825 (PACKET)
2 3 18.178.22.21 16509 (AMAZON-02)
1 1 3.226.22.208 14618 (AMAZON-AES)
5 5 151.101.66.49 54113 (FASTLY)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
3 4 38.133.127.31 22075 (AS-OUTBRAIN)
1 35.227.202.26 15169 (GOOGLE)
2 2 2406:da18:5ca... 16509 (AMAZON-02)
1 1 2620:116:800e... 16509 (AMAZON-02)
1 162.55.233.28 24940 (HETZNER-AS)
1 1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
13 142.250.196.130 15169 (GOOGLE)
1 18.177.113.58 16509 (AMAZON-02)
8 8 67.202.105.21 32748 (STEADFAST)
1 2 67.202.105.34 32748 (STEADFAST)
2 3.227.250.206 14618 (AMAZON-AES)
1 1 23.108.103.8 59253 (LEASEWEB-...)
5 34.117.239.71 15169 (GOOGLE)
1 2 104.18.99.194 13335 (CLOUDFLAR...)
2 3 3.1.1.164 16509 (AMAZON-02)
2 3 107.178.244.193 15169 (GOOGLE)
2 2 52.198.90.101 16509 (AMAZON-02)
1 1 69.173.158.64 26667 (RUBICONPR...)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 1 161.202.200.118 36351 (SOFTLAYER)
1 1 13.228.150.56 16509 (AMAZON-02)
1 34.96.105.8 15169 (GOOGLE)
1 1 18.176.234.133 16509 (AMAZON-02)
1 18.182.168.116 16509 (AMAZON-02)
738 124
Apex Domain
Subdomains
Transfer
80 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
ade.googlesyndication.com — Cisco Umbrella Rank: 297
498 KB
61 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 214
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
pubads.g.doubleclick.net — Cisco Umbrella Rank: 489
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
bid.g.doubleclick.net — Cisco Umbrella Rank: 473
296 KB
57 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 910
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1033
prod-m-node-2113.ssp.yahoo.com — Cisco Umbrella Rank: 42334
ads.yahoo.com — Cisco Umbrella Rank: 2334
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
ups.analytics.yahoo.com — Cisco Umbrella Rank: 277
35 KB
49 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 528
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1092
eus.rubiconproject.com — Cisco Umbrella Rank: 588
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1040
token.rubiconproject.com — Cisco Umbrella Rank: 707
pixel.rubiconproject.com — Cisco Umbrella Rank: 326
pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 24237
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 954
108 KB
49 onmsft.com
www.onmsft.com — Cisco Umbrella Rank: 238971
239 KB
45 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1474
rtb.gumgum.com — Cisco Umbrella Rank: 1329
usersync.gumgum.com — Cisco Umbrella Rank: 2041
28 KB
39 media.net
prebid.media.net — Cisco Umbrella Rank: 1356
contextual.media.net — Cisco Umbrella Rank: 526
hbx.media.net — Cisco Umbrella Rank: 1427
cs.media.net — Cisco Umbrella Rank: 1437
c21lg-d.media.net — Cisco Umbrella Rank: 1912
77 KB
30 openx.net
playwire-d.openx.net — Cisco Umbrella Rank: 14644
u.openx.net — Cisco Umbrella Rank: 719
jp-u.openx.net — Cisco Umbrella Rank: 8902
us-u.openx.net — Cisco Umbrella Rank: 396
rtb.openx.net — Cisco Umbrella Rank: 1516
5 KB
26 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 323
s.amazon-adsystem.com — Cisco Umbrella Rank: 288
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1264
61 KB
25 moatads.com
z.moatads.com — Cisco Umbrella Rank: 442
mb.moatads.com — Cisco Umbrella Rank: 670
px.moatads.com — Cisco Umbrella Rank: 468
geo.moatads.com — Cisco Umbrella Rank: 624
239 KB
22 playwire.com
config.playwire.com — Cisco Umbrella Rank: 12384
cdn.playwire.com — Cisco Umbrella Rank: 20441
222 KB
21 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1301
match.sharethrough.com — Cisco Umbrella Rank: 521
11 KB
19 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
prebid.adnxs.com — Cisco Umbrella Rank: 1871
secure.adnxs.com — Cisco Umbrella Rank: 462
20 KB
18 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 381
9 KB
17 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1170
x.bidswitch.net — Cisco Umbrella Rank: 292
9 KB
16 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1667
sync.1rx.io — Cisco Umbrella Rank: 550
10 KB
15 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 518
ads.pubmatic.com — Cisco Umbrella Rank: 496
image6.pubmatic.com — Cisco Umbrella Rank: 636
53 KB
15 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 560
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
r.casalemedia.com — Cisco Umbrella Rank: 713
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453
ssum.casalemedia.com — Cisco Umbrella Rank: 1365
11 KB
14 vidible.tv
acds.prod.vidible.tv — Cisco Umbrella Rank: 4467
cdn-ssl.vidible.tv — Cisco Umbrella Rank: 5782
trk.vidible.tv — Cisco Umbrella Rank: 4502
110 KB
13 33across.com
ssc.33across.com Failed
ssc-cms.33across.com — Cisco Umbrella Rank: 897
events-ssc.33across.com — Cisco Umbrella Rank: 1781
dp1.33across.com — Cisco Umbrella Rank: 6450
5 KB
13 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1885
public.servenobid.com — Cisco Umbrella Rank: 3937
9 KB
13 exactdn.com
ehsw47mb2ee.exactdn.com — Cisco Umbrella Rank: 399403
232 KB
12 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 924
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 605
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6345
5 KB
12 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
imasdk.googleapis.com — Cisco Umbrella Rank: 448
1 MB
11 google.com
adservice.google.com — Cisco Umbrella Rank: 98
www.google.com — Cisco Umbrella Rank: 10
2 KB
10 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 551
6 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 374
217 KB
10 intergi.com
cdn.intergi.com — Cisco Umbrella Rank: 13800
195 KB
10 intergient.com
cdn.intergient.com — Cisco Umbrella Rank: 12866
133 KB
9 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 547
c.clarity.ms — Cisco Umbrella Rank: 996
e.clarity.ms — Cisco Umbrella Rank: 5459
26 KB
8 dotomi.com
medianet-match.dotomi.com — Cisco Umbrella Rank: 9806
yieldmo-match.dotomi.com — Cisco Umbrella Rank: 5434
openx2-match.dotomi.com — Cisco Umbrella Rank: 5058
3 KB
8 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2580
mp.4dex.io — Cisco Umbrella Rank: 3595
u.4dex.io — Cisco Umbrella Rank: 7375
27 KB
8 gstatic.com
fonts.gstatic.com
csi.gstatic.com
123 KB
7 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 289
gcdn.2mdn.net — Cisco Umbrella Rank: 997
r4---sn-oguesn6d.c.2mdn.net
944 KB
6 technoratimedia.com
playwire.technoratimedia.com — Cisco Umbrella Rank: 22043
sync.technoratimedia.com — Cisco Umbrella Rank: 1111
1 KB
6 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2202
sync.go.sonobi.com — Cisco Umbrella Rank: 1010
9 KB
6 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 2603
t.skimresources.com — Cisco Umbrella Rank: 2585
p.skimresources.com — Cisco Umbrella Rank: 3492
r.skimresources.com — Cisco Umbrella Rank: 2491
21 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 623
1 KB
5 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 649
ice.360yield.com — Cisco Umbrella Rank: 1825
1 KB
5 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 886
3 KB
5 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 495
4 KB
5 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 784
i.w55c.net — Cisco Umbrella Rank: 1782
4 KB
5 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1056
3 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 401
dis.criteo.com — Cisco Umbrella Rank: 699
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
159 KB
5 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 701
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 6373
3 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 686
1 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 630
1 KB
4 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 960
ap.lijit.com — Cisco Umbrella Rank: 679
2 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 484
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 603
2 KB
4 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 931
265 B
4 ladsp.com
cr-pall.ladsp.com — Cisco Umbrella Rank: 3740
2 KB
4 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 986
3 KB
4 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 611
698 B
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 469
732 B
3 affec.tv
map.go.affec.tv — Cisco Umbrella Rank: 5602
2 KB
3 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2681
978 B
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 741
2 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 674
syndication.twitter.com — Cisco Umbrella Rank: 864
133 KB
3 google.co.jp
adservice.google.co.jp — Cisco Umbrella Rank: 39148
1 KB
3 tremorhub.com
bktr2-06hdl.ads.tremorhub.com — Cisco Umbrella Rank: 23168
2 KB
3 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 652
eb2.3lift.com — Cisco Umbrella Rank: 411
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 188
2 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 428
520 B
2 amazonaws.com
kinesis.us-east-1.amazonaws.com — Cisco Umbrella Rank: 1404
693 B
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1523
hde.tynt.com — Cisco Umbrella Rank: 4911
4 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1201
677 B
2 yieldlift.com
x.yieldlift.com — Cisco Umbrella Rank: 3796
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 792
2 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 531
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 903
83 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1038
930 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 749
1 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 361
1 KB
2 ladsp.jp
cr-p3.ladsp.jp — Cisco Umbrella Rank: 20698
447 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 791
882 B
2 microad.jp
s-cs.send.microad.jp — Cisco Umbrella Rank: 15917
1 KB
2 im-apps.net
atm.im-apps.net — Cisco Umbrella Rank: 147575
298 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1344
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 494
1 KB
2 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 430
2 KB
2 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 7423
2 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1324
1 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2342
pixel.wp.com — Cisco Umbrella Rank: 2171
3 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1275
id.crwdcntrl.net — Cisco Umbrella Rank: 1452
30 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 1206
api.btloader.com — Cisco Umbrella Rank: 1317
11 KB
2 sharepointonline.com
static2.sharepointonline.com — Cisco Umbrella Rank: 2121
214 KB
1 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 15868
220 B
1 r-ad.ne.jp
bk.r-ad.ne.jp — Cisco Umbrella Rank: 25569
548 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2979
173 B
1 rundsp.com
match.rundsp.com — Cisco Umbrella Rank: 8975
41 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 826
608 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2584
586 B
1 adingo.jp
cs.adingo.jp — Cisco Umbrella Rank: 2851
398 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1972
159 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 465
511 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 925
639 B
1 yimg.com
s.yimg.com — Cisco Umbrella Rank: 385
2 KB
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2479
284 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1237
697 B
1 admatrix.jp
sync-tapi.admatrix.jp — Cisco Umbrella Rank: 76738
500 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 704
528 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 195
741 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 862
458 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1387
712 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1620
17 KB
1 agkn.com
fid.agkn.com — Cisco Umbrella Rank: 10212
686 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 541
1 KB
1 herokuapp.com
fingerprinter-production.herokuapp.com — Cisco Umbrella Rank: 15288
374 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
44 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1249
5 KB
0 nex8.net Failed
cs.nex8.net Failed
0 temp.com Failed
temp.com Failed
738 115
Domain Requested by
49 www.onmsft.com 1 redirects www.onmsft.com
static.cloudflareinsights.com
39 pagead2.googlesyndication.com www.onmsft.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
googleads.g.doubleclick.net
ad.doubleclick.net
imasdk.googleapis.com
srcdoc
32 usersync.gumgum.com 1 redirects rtb.gumgum.com
g2.gumgum.com
eus.rubiconproject.com
30 c2shb.pubgw.yahoo.com cdn.intergi.com
25 contextual.media.net cdn.intergi.com
contextual.media.net
rtb.gumgum.com
public.servenobid.com
eus.rubiconproject.com
g2.gumgum.com
25 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.onmsft.com
08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
googleads.g.doubleclick.net
cdn.ampproject.org
ad.doubleclick.net
pagead2.googlesyndication.com
imasdk.googleapis.com
22 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
u.openx.net
jp-u.openx.net
rtb.gumgum.com
g2.gumgum.com
ssbsync.smartadserver.com
sync-amz.ads.yieldmo.com
20 px.moatads.com www.onmsft.com
18 match.adsrvr.org 18 redirects
18 cdn.playwire.com cdn.intergient.com
cdn.playwire.com
17 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
contextual.media.net
rtb.gumgum.com
u.openx.net
match.sharethrough.com
sync-amz.ads.yieldmo.com
us-u.openx.net
16 eus.rubiconproject.com cdn.intergi.com
eus.rubiconproject.com
contextual.media.net
s.amazon-adsystem.com
rtb.gumgum.com
g2.gumgum.com
www.onmsft.com
hde.tynt.com
15 us-u.openx.net 4 redirects u.openx.net
jp-u.openx.net
hde.tynt.com
us-u.openx.net
14 x.bidswitch.net 14 redirects
13 ade.googlesyndication.com
13 sync.1rx.io 13 redirects
13 c2shb.ssp.yahoo.com cdn.intergi.com
13 fastlane.rubiconproject.com cdn.intergi.com
13 ehsw47mb2ee.exactdn.com www.onmsft.com
12 trk.vidible.tv
12 ads.servenobid.com cdn.intergi.com
public.servenobid.com
g2.gumgum.com
ssbsync.smartadserver.com
12 btlr.sharethrough.com cdn.intergi.com
12 g2.gumgum.com cdn.intergi.com
public.servenobid.com
12 securepubads.g.doubleclick.net cdn.intergi.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
www.onmsft.com
11 ib.adnxs.com 6 redirects cdn.intergi.com
sync-amz.ads.yieldmo.com
10 b1sync.zemanta.com 10 redirects
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 cdn.intergi.com cdn.intergient.com
cdn.intergi.com
10 cdn.intergient.com www.onmsft.com
cdn.intergient.com
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
9 ads.pubmatic.com www.onmsft.com
cdn.intergi.com
s.amazon-adsystem.com
public.servenobid.com
rtb.gumgum.com
g2.gumgum.com
contextual.media.net
8 jp-u.openx.net cdn.intergi.com
u.openx.net
jp-u.openx.net
us-u.openx.net
8 adservice.google.com imasdk.googleapis.com
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
8 imasdk.googleapis.com cdn.playwire.com
imasdk.googleapis.com
cdn-ssl.vidible.tv
8 c.amazon-adsystem.com cdn.intergi.com
c.amazon-adsystem.com
7 ssc-cms.33across.com 7 redirects
7 pixel.rubiconproject.com 5 redirects
7 prod-m-node-2113.ssp.yahoo.com
7 pubads.g.doubleclick.net
7 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
www.onmsft.com
6 cs.media.net 2 redirects contextual.media.net
6 secure-assets.rubiconproject.com 6 redirects
6 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
6 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
6 ad.doubleclick.net 3 redirects www.onmsft.com
08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
www.googletagservices.com
5 events-ssc.33across.com hde.tynt.com
eus.rubiconproject.com
us-u.openx.net
5 sync-tm.everesttech.net 5 redirects
5 secure.adnxs.com 4 redirects hde.tynt.com
5 rtb.mfadsrvr.com 4 redirects contextual.media.net
5 stags.bluekai.com 5 redirects
5 sync.targeting.unrulymedia.com 5 redirects
5 e.clarity.ms www.clarity.ms
5 googleads4.g.doubleclick.net www.onmsft.com
ad.doubleclick.net
5 www.googletagservices.com 08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
www.googletagservices.com
ad.doubleclick.net
5 s0.2mdn.net imasdk.googleapis.com
08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
ad.doubleclick.net
5 ssbsync.smartadserver.com 3 redirects www.onmsft.com
public.servenobid.com
5 u.4dex.io www.onmsft.com
ssbsync.smartadserver.com
hde.tynt.com
eus.rubiconproject.com
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 creativecdn.com 4 redirects
4 sync.mathtag.com 4 redirects
4 ad.360yield.com 4 redirects
4 c1.adform.net 4 redirects
4 cs.emxdgt.com contextual.media.net
rtb.gumgum.com
g2.gumgum.com
4 pm.w55c.net 4 redirects
4 medianet-match.dotomi.com 4 redirects
4 cr-pall.ladsp.com 4 redirects
4 tg.socdm.com 4 redirects
4 csi.gstatic.com imasdk.googleapis.com
4 id.rlcdn.com 1 redirects ssbsync.smartadserver.com
contextual.media.net
4 playwire.technoratimedia.com cdn.intergi.com
4 ads.yieldmo.com cdn.intergi.com
sync-amz.ads.yieldmo.com
4 fonts.gstatic.com fonts.googleapis.com
4 config.playwire.com cdn.intergient.com
cdn.intergi.com
cdn.playwire.com
4 fonts.googleapis.com www.onmsft.com
securepubads.g.doubleclick.net
3 pixel.tapad.com 2 redirects hde.tynt.com
3 map.go.affec.tv 2 redirects hde.tynt.com
3 c21lg-d.media.net contextual.media.net
3 ups.analytics.yahoo.com 2 redirects us-u.openx.net
3 sync-dsp.ad-m.asia 3 redirects
3 pr-bh.ybp.yahoo.com 2 redirects u.openx.net
3 token.rubiconproject.com 3 redirects
3 sync.go.sonobi.com 3 redirects
3 p.rfihub.com 3 redirects
3 gum.criteo.com contextual.media.net
3 ssum-sec.casalemedia.com s.amazon-adsystem.com
public.servenobid.com
3 www.google.com 1 redirects tpc.googlesyndication.com
www.onmsft.com
3 08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 adservice.google.co.jp securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 image6.pubmatic.com ads.pubmatic.com
3 prebid.adnxs.com cdn.intergi.com
imasdk.googleapis.com
3 bktr2-06hdl.ads.tremorhub.com 1 redirects www.onmsft.com
cdn.intergi.com
3 tag.1rx.io cdn.intergi.com
3 grid.bidswitch.net cdn.intergi.com
3 prebid.media.net cdn.intergi.com
3 hbopenbid.pubmatic.com cdn.intergi.com
3 playwire-d.openx.net cdn.intergi.com
3 htlb.casalemedia.com cdn.intergi.com
3 apex.go.sonobi.com cdn.intergi.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 z.moatads.com cdn.intergient.com
cdn-ssl.vidible.tv
s.yimg.com
2 openx2-match.dotomi.com 2 redirects
2 dpm.demdex.net 2 redirects
2 p.adsymptotic.com 1 redirects hde.tynt.com
2 kinesis.us-east-1.amazonaws.com cdn.intergient.com
2 yieldmo-match.dotomi.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 ap.lijit.com 2 redirects
2 ce.lijit.com 2 redirects
2 x.yieldlift.com 1 redirects public.servenobid.com
2 onetag-sys.com public.servenobid.com
www.onmsft.com
2 rtb.openx.net 1 redirects u.openx.net
2 bh.contextweb.com 2 redirects
2 match.deepintent.com rtb.gumgum.com
g2.gumgum.com
2 sync.technoratimedia.com rtb.gumgum.com
g2.gumgum.com
2 sync.ipredictive.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 px.ads.linkedin.com 1 redirects
2 eb2.3lift.com 2 redirects
2 dis.criteo.com 2 redirects
2 hbx.media.net contextual.media.net
2 cr-p3.ladsp.jp 2 redirects
2 ad.turn.com 2 redirects
2 u.openx.net cdn.intergi.com
s.amazon-adsystem.com
2 r.casalemedia.com 2 redirects
2 s-cs.send.microad.jp 2 redirects
2 atm.im-apps.net 08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
ad.doubleclick.net
2 c.clarity.ms 1 redirects
2 platform.twitter.com www.onmsft.com
platform.twitter.com
2 p.skimresources.com
2 t.skimresources.com s.skimresources.com
2 www.clarity.ms www.onmsft.com
www.clarity.ms
2 gu.dyntrk.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 prebid-server.rubiconproject.com cdn.intergi.com
2 search.spotxchange.com cdn.intergi.com
2 pbjs.e-planning.net 1 redirects www.onmsft.com
2 script.4dex.io cdn.intergi.com
script.4dex.io
2 ad-delivery.net www.onmsft.com
2 static2.sharepointonline.com www.onmsft.com
static2.sharepointonline.com
1 ice.360yield.com 1 redirects
1 dps.jp.cinarra.com us-u.openx.net
1 bk.r-ad.ne.jp 1 redirects
1 tr.blismedia.com us-u.openx.net
1 i.w55c.net 1 redirects
1 match.rundsp.com us-u.openx.net
1 um.simpli.fi 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 pixel-apac.rubiconproject.com 1 redirects
1 dp1.33across.com 1 redirects
1 inv-nets.admixer.net 1 redirects
1 hde.tynt.com www.onmsft.com
1 de.tynt.com 1 redirects
1 cs.adingo.jp
1 r4---sn-oguesn6d.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 sync.richaudience.com www.onmsft.com
1 geo.moatads.com z.moatads.com
1 pixel.quantserve.com 1 redirects
1 odr.mookie1.com ssbsync.smartadserver.com
1 s.yimg.com cdn-ssl.vidible.tv
1 ssp.disqus.com 1 redirects
1 ssum.casalemedia.com public.servenobid.com
1 prebid.a-mo.net 1 redirects
1 sync-tapi.admatrix.jp 1 redirects
1 ads.yahoo.com
1 aax-eu.amazon-adsystem.com
1 ssbsync-us.smartadserver.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 rtb.gumgum.com s.amazon-adsystem.com
1 s.ad.smaato.net 1 redirects
1 bid.g.doubleclick.net cdn-ssl.vidible.tv
1 public.servenobid.com cdn.intergi.com
1 cdn-ssl.vidible.tv acds.prod.vidible.tv
1 c.bing.com 1 redirects
1 acds.prod.vidible.tv imasdk.googleapis.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 syndication.twitter.com platform.twitter.com
1 pixel.wp.com
1 r.skimresources.com s.skimresources.com
1 sync.adotmob.com 1 redirects
1 tlx.3lift.com cdn.intergi.com
1 mp.4dex.io cdn.intergi.com
1 secure.cdn.fastclick.net www.onmsft.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fid.agkn.com cdn.intergi.com
1 id.crwdcntrl.net cdn.intergi.com
1 id5-sync.com cdn.intergi.com
1 fingerprinter-production.herokuapp.com cdn.intergient.com
1 api.btloader.com btloader.com
1 mb.moatads.com z.moatads.com
1 s.skimresources.com www.onmsft.com
1 stats.wp.com www.onmsft.com
1 www.googletagmanager.com www.onmsft.com
1 tags.crwdcntrl.net cdn.intergient.com
1 btloader.com cdn.intergient.com
1 static.cloudflareinsights.com www.onmsft.com
0 cs.nex8.net Failed u.openx.net
0 temp.com Failed rtb.gumgum.com
0 ssc.33across.com Failed cdn.intergi.com
738 199
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-20 -
2023-06-20
a year crt.sh
cdn.intergient.com
Amazon
2022-01-04 -
2023-02-01
a year crt.sh
*.sharepointonline.com
Microsoft RSA TLS CA 01
2022-04-26 -
2023-04-26
a year crt.sh
*.exactdn.com
R3
2022-06-30 -
2022-09-28
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.playwire.com
Amazon
2022-03-13 -
2023-04-11
a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2021-11-27 -
2022-11-29
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-11 -
2023-07-12
a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA
2021-09-27 -
2022-10-28
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-05
a year crt.sh
cdn.intergi.com
Amazon
2022-01-04 -
2023-02-01
a year crt.sh
api.btloader.com
GTS CA 1D4
2022-06-22 -
2022-09-20
3 months crt.sh
*.herokuapp.com
Amazon
2022-05-02 -
2023-05-31
a year crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
*.id5-sync.com
R3
2022-05-31 -
2022-08-29
3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018
2020-07-25 -
2022-09-18
2 years crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA
2022-01-15 -
2023-01-17
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-08-02 -
2023-01-25
6 months crt.sh
*.gumgum.com
Amazon
2022-05-06 -
2023-06-04
a year crt.sh
*.sharethrough.com
Amazon
2021-11-25 -
2022-12-22
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2021-12-08 -
2023-01-09
a year crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
ads.servenobid.com
Amazon
2022-05-29 -
2023-06-27
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-06 -
2023-05-04
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-05 -
2023-05-04
a year crt.sh
*.yieldmo.com
Amazon
2021-10-12 -
2022-11-10
a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA
2022-06-28 -
2023-07-29
a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-09-17 -
2022-10-05
a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018
2022-03-11 -
2023-03-29
a year crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1
2022-02-28 -
2023-03-31
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
u.4dex.io
GTS CA 1D4
2022-07-11 -
2022-10-09
3 months crt.sh
*.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2022-02-27 -
2023-02-27
a year crt.sh
*.google.co.jp
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
platform.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-21 -
2023-08-21
a year crt.sh
s.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-21
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-24 -
2023-01-23
a year crt.sh
acds.prod.vidible.tv
DigiCert SHA2 High Assurance Server CA
2022-05-12 -
2022-11-02
6 months crt.sh
www.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
cdn-ycs.vidible.tv
DigiCert SHA2 High Assurance Server CA
2022-08-02 -
2023-01-25
6 months crt.sh
trk.vidible.tv
DigiCert SHA2 High Assurance Server CA
2022-05-24 -
2022-11-16
6 months crt.sh
atm.im-apps.net
GTS CA 1D4
2022-08-09 -
2022-11-07
3 months crt.sh
*.servenobid.com
Amazon
2022-02-06 -
2023-03-07
a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02
2022-06-07 -
2023-06-02
a year crt.sh
ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-07-06 -
2022-10-05
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-15 -
2022-09-18
3 months crt.sh
*.emxdgt.com
Amazon
2022-06-03 -
2023-07-02
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.ads.yieldmo.com
Amazon
2022-04-25 -
2023-05-24
a year crt.sh
rtb.mfadsrvr.com
Sectigo RSA Domain Validation Secure Server CA
2021-12-27 -
2022-12-27
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon
2022-07-20 -
2023-07-19
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-05-02 -
2023-06-03
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-06-14 -
2022-12-07
6 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon
2022-02-15 -
2023-03-16
a year crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-07-25 -
2022-09-14
2 months crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-11 -
2023-03-10
a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2021-09-23 -
2022-09-30
a year crt.sh
kinesis.us-east-1.amazonaws.com
Amazon
2021-12-29 -
2022-12-08
a year crt.sh
events-ssc.33across.com
GTS CA 1D4
2022-07-21 -
2022-10-19
3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-06-07 -
2022-11-30
6 months crt.sh
match.rundsp.com
GlobalSign RSA OV SSL CA 2018
2022-04-19 -
2023-05-21
a year crt.sh
tr.blismedia.com
GTS CA 1D4
2022-06-19 -
2022-09-17
3 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA
2022-05-14 -
2023-06-13
a year crt.sh
*.tremorhub.com
Amazon
2022-03-24 -
2023-04-22
a year crt.sh

This page contains 86 frames:

Primary Page: https://www.onmsft.com/
Frame ID: 364C32371BACD580B8D1DDF424274CEA
Requests: 279 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/1.8.13/iframe/iframe.html
Frame ID: F3B3D1C7D0378D931DCF25C7FD524BCC
Requests: 2 HTTP requests in this frame

Frame: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/frame.html
Frame ID: E3B63D98F48FD553E29D4FD2001317D3
Requests: 44 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: 33C4EB5DCEBEFF9CBBDB33D7BEC93FAF
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.524.0_en.html
Frame ID: 7AFAAE6368428798A779A5592F16B9D2
Requests: 16 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: FB2476B7AD5D9C2F15D48A752209DC21
Requests: 2 HTTP requests in this frame

Frame: https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3D3FFA28CA951C1FECC428E738F7360E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/zrt_lookup.html
Frame ID: D067D2BC5C638EBF2FD05C0678E84706
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.6208833675511967
Frame ID: A0C85FF4E2F31506C833778F9DFC82B9
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift&dcc=t
Frame ID: AED876B9487DD258DC32F3E9F265E8E1
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.6184048311ebe2b4d9580ce803ab4baa.html?origin=https%3A%2F%2Fwww.onmsft.com
Frame ID: 986EAEEC7E7D66C32DF4F45A8EDDA458
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 21C00AA906B97C02F26973B5BB113395
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1197011367764122&output=html&adk=1812271804&adf=3025194257&lmt=1660360837&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.onmsft.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660360919189&bpp=3&bdt=3437&idt=294&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2836406618120&frm=20&pv=2&ga_vid=1533648303.1660360917&ga_sid=1660360919&ga_hid=340891715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C44761792&oid=2&pvsid=3215188679422792&tmod=27785561&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=33792&bc=31&ifi=6&uci=a!6&fsb=1&dtd=308
Frame ID: 38C7AD707D3FAF6FBE3677DC1145EEDF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A4AB5E78AFAEB4E4AC08D1BF4E689501
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CF83E926BFCE8F8322AA44E4D62D6E5C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Frame ID: 742B460EE8E123BFF3546DD52AD069AD
Requests: 16 HTTP requests in this frame

Frame: https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 21CA8479666D74DEBC6383521A7ED15A
Requests: 12 HTTP requests in this frame

Frame: https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 49D99BD872BEEB88B1DA8FE28DCD8909
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInlNxCTpK4BGKSApEowAQ&v=APEucNWmNhdYstv1WfabriC7TJ9VX2jBYIrkt0Vb-Uhocea7QOE_YauuwD5zLrdonVt6jhTCC4nTMXIX3B5lfHs4iYhY8M7xQQ
Frame ID: BF4BB45CEC30D8CDA6D977D13094A9EB
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnLQRDu7pXaAhj-uMzBATAB&v=APEucNVZ0LDjSJa-czculX6ZES-zK7mT-8Z4rDwGoTmWTA5-9D_dGOLgEN_lp0CL6kqI3qUXqmGbF6JgtTV0y_1Prbr-65IVgw
Frame ID: CCD365D6740FCA607C4F5A0E677CD5C3
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FB2BE014BD7E2199168E17CDBABE1829
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 143F37581F472AD7B9DDCEE7526C335B
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N9032.585838.ADWORDS.GOOGLE.CO.J/B21543855.235417681;dc_ver=90.265;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3037181502;ord=vsiw7a;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyfPG1xj3Yu2ED_SJ29gP8IW60AKy_IiAXpuY6ODtC8CNtwEQASD7m9VJYInzxYT0E8gBCakCkIfF-1UYQD6oAwGqBPcBT9Cg7K6yKskHzzuXadie_FKs1LTONm7c_8IqQo3UtdFieMTpD0-k-7hDOxpslz40_ZPP9VOqhz9Iue9Gca0Lw2yi1Dz6DG4Z-pIjNKwNmvRy9pf1tnx69z1AlULeLSc7OCUk6cUWv5YlkcpuaQhYx-UJh-xf6bEjmkgVfCe0Y269YWFERcserRt9lXoKTlTuGTvXvP4Jn172IBByi05aCuTsrN57wFLmTg02aw99PiY2njWhW6sWoxCMew6pjS4MisLYKTk0ibPqSEhzJSzNeZlAMyIEHS9xTQdlU8c_fBnHuV_UProNJ8lHfeGFPswZcvQXlv6f-sAEyZnNxfoC4AQDkAYBoAZNgAeyxZyDAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTEyNjI1NDQ5MzA1ODU3OTCACgOYCwHICwGADAGwE_nCjg3IE4O67QfYEwqIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLQCsnQUxUMBr40wcAwLo1q6q7Hw1BbN2IdB8WSJ6wMDfLb2trCJ2wn7Cq1m8_w%26sig%3DAOD64_1WCl3vd6H0aKfRV1US9432roSSZA%26client%3Dca-pub-5812357352335075%26dbm_c%3DAKAmf-D6pGgRbqCilwceftHpy82R8AVyeJvA50ObvkzQtWtTp4JV5mhjJQEMaArYfxtkRQk6QAlHwz4l8thNiQDgwcZpturyDudIESdxoZkQy4Ox3_mVo3hA6Jnkbi8XKQGpjbT6CMifOSnkpIgZePfrgIFYEzz7yw%26cry%3D1%26dbm_d%3DAKAmf-AxUKGZgIe76ONGfALSy4_uFxNOWolwpBDMlE729cEfcc0joIrjUmtixPu_O9Yk7gWLbrc0uBFj_oeaKiVlAtQYUftQGC3IeoCGpjzhqcQsTdHupJAh0c-iXuejNvr9BYLjP93MbXfj18WgBN5WCX320MYgCqRep1Cro7eciO7TngDjSEBlqK5hhouOcSAfC_cwXnPta9Xe6UjCnEgcdp0qUIVtCDRfXrJWrxm6hJKO38kXCvuIQET8jlFqoHz2l38RJfo3Rf5iqg9Y1QSoMOpqJd6JjXSAw4GNUkgJEQmoRvnTaxCRtn42wz7ksWyOAQNqwPSPVVs-zA_n5_ULIw3V3KTzK_on8yXjb6mc_lQaj_ifPGhRAZmRTxvzKM8TuZAKP6nQt7Qam5EmU4JV-k7CI42jGUvsH1-UHSH5rnTAbTYHy4Cc9Tw9XA0tjpo-j6bhrmgk%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.onmsft.com%2F$0;xdt=1;crlt=Hr5Z7IlAIn;stc=1;chaa=1;sttr=59;prcl=s
Frame ID: 4D32C03A512ABF9344995757C9D04552
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032208081650000/amp4ads-v0.mjs
Frame ID: F3293F5743A01F65B4208FB201E47328
Requests: 15 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 895F9877D1ABAF9875C2676D435E4D2C
Requests: 19 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158326
Frame ID: AC6118196075A819EC3A94F5990FDFAA
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 699782D14316D20E47B6AC5432F69538
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4AD737722112FEEF2E2CB6FFAA783950
Requests: 10 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: F88B4D02FE29E4A11A89EB2FC4DB692F
Requests: 13 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 9D0769B5407D74E2C428E4E025D7DB31
Requests: 21 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158326
Frame ID: BBFFE3E5BC40369530BCAAE6C4B295C0
Requests: 1 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=36f43d7a-82bf-4fdf-8a09-9bd06a2b981b&gdpr=0
Frame ID: A230FAB019589F27558BDE293D683CFF
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: AAC71C76F0D427909A2065C81488D1D2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FD4843486406AF77191F0F2FEAC8DEC3
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 07E04BA8763147ED0E20E55780C58616
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3033625206452273000V10&type=rkt&refUrl=&vid=03609205623033625206452273000V10&ovsid=1917759393911754062
Frame ID: 65C7019E328E5E37D980AA448DFD10DF
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 553CC35AB1B0B38C245B435724FCB50A
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 30ED06F1E5413785310F60594780CE0E
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 08FDC926AF3E3B0AEA79CABD18902708
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: EC13AFA5FE89876547AB330BF142A7F6
Requests: 2 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 09A75CED8F86ED89293F7F022AB08096
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 6979C2F2C9814973361439F0E2F2B7D5
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 370F1411D64437A6FC0A1D5124ABCC08
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4960241744634227040&gdpr=0&gdpr_consent=
Frame ID: 6F6DE990594735884FA47F6259C3E815
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=4764734661110149725&ex=appnexus.com
Frame ID: E8711964880559BE477F5201078AD4A2
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=585789278119328662530
Frame ID: 02F46324C505C4C00037DCADA592BFCD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 58ADCE6A361274F87ABF2EFEEE296D5F
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3033625206452273000V10&type=rkt&refUrl=&vid=03609205913033625206452273000V10&ovsid=2019090386113786897
Frame ID: 16948A61A1EF31C3F72D6D950126DA18
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: B25C732175F7E23ADF77A9CDF85FE840
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: A38EB910F0E62D8BF2B9BAAA5684580E
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: A2BD5893BE49BFBA949BDD2E8E2248EE
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 36550C1F2316117A6AF669F17E6E52E2
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: ADBD64970502CA26D153D1045484AB7D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=ba1962f7-18d8-4a00-a053-d0020e80600f&gdpr=&gdpr_consent=
Frame ID: 795BB206ECEDF242FADA2551EE5E7983
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=YvcY2AAGBwlDkgAK&gdpr=&gdpr_consent=&_test=YvcY2AAGBwlDkgAK
Frame ID: AF78B35CD3A06395FA5E888F48C5CED3
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9kZTM0MjljOC1mMzFjLTQ4YWItYmJhNC0zM2JmZTgzYTA1NmU=&gdpr=&gdpr_consent=
Frame ID: BD1F5BD676F51B1B1E0FDE1C0F061A02
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 30F99FFF75F6FBF876069E6D8E0F0E03
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
Frame ID: 96732D5935B2301B1CA21D4A33C46867
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent=
Frame ID: EC2A539F2735A6CE7999E185A12AFE49
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=YvcY2MCo8X4AAMgoXUsAAAAA
Frame ID: 9A8BD8FE7D0C6B6DCBE6850264A084E2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=UOmxQYPAALeX7gjU01xi&pi=gumgum&tc=1
Frame ID: D3DB0EAE4840DB103B0EA5E563EC4D4F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 75181399C2B2AEC370B9E64BF62A370D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Frame ID: 0E0B121046FDB718DE95DA8BD8156748
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js
Frame ID: B36861EBFD05DAC644F2109815120833
Requests: 7 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=e3a462f7-18d8-4000-8222-2d03a6456a3e&gdpr=0&gdpr_consent=
Frame ID: B367F625C356DF3EBE7AA9B8DA83C88B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=YvcY2AAGB6JGTAAK&gdpr=0&gdpr_consent=&_test=YvcY2AAGB6JGTAAK
Frame ID: F95984CFD16ED55EE103FC0DEC99924C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9kZTM0MjljOC1mMzFjLTQ4YWItYmJhNC0zM2JmZTgzYTA1NmU=&gdpr=0&gdpr_consent=
Frame ID: 803242598F958958D2C31954CF86C7C2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 2F14ED4BC46E60D2261E156AA10AEA5F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
Frame ID: 574A0F3365C1A9AF3FBF9CE0238634CF
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: DC808EF1F077E2ECB89EDAEDDF0F30BF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=YvcY2MCo8X4AAMgoXUsAAAAA
Frame ID: 221185D6468B231D359B436BC1360207
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=UOmxQYPAALeX7gjU01xi&pi=gumgum&tc=1
Frame ID: C2ACA3E5539A6C0220FD4825BBFF1B88
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: B38843994CC3C5510A5E8E0EA6DB663A
Requests: 3 HTTP requests in this frame

Frame: https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?p=1BTOoaD22a&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Drichaudience%26uid%3D[PDID]
Frame ID: 527A12342C82D2AD05639106A8978764
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.524.0_en.html
Frame ID: 8C2A57C041E371C60ADF7DFE655854D5
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1236B278C377ACA885A2CF29AEAB9E10
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 0E37D0558E3E0705897B8E757A55FB8E
Requests: 3 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Frame ID: EC6BB205DBD2F297B26A4489B1A7B432
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Frame ID: 04B542E5C279ED1BA0025291870BB644
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 517236E0C1E3EC9BE08872FE01D581C4
Requests: 3 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: F2D076F765B46BA20B87CBD4323886F7
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe
Frame ID: A975AF658495624DD10609B3ED3D560A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.524.0_en.html
Frame ID: 856419454C3E934CEBAB91A375C905D5
Requests: 12 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.524.0_en.html
Frame ID: 48A266995A7F0FF57C6A9F8114C69DD1
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dpba%26refUrl%3D%26vid%3D03609205623033625206452273000V10%26ovsid%3DPM_UID
Frame ID: F02A2A378C52A7D0725FA8AB36B1FF30
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dpba%26refUrl%3D%26vid%3D03609205913033625206452273000V10%26ovsid%3DPM_UID
Frame ID: 10520813235227DC2548E16FFDB2083B
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Latest News - OnMSFT.com

Page URL History Show full URLs

  1. http://www.onmsft.com/ HTTP 301
    https://www.onmsft.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

738
Requests

80 %
HTTPS

25 %
IPv6

115
Domains

199
Subdomains

124
IPs

13
Countries

5702 kB
Transfer

14267 kB
Size

196
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.onmsft.com/ HTTP 301
    https://www.onmsft.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 217
  • https://pbjs.e-planning.net/pbjs/1/2eb02/1/www.onmsft.com/ROS?rnd=0.7677932252904065&e=300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2B728x90_0%3A728x90%2C970x250%2C970x90%2B728x90_1%3A728x90%2C970x250%2C970x90%2B728x90_2%3A728x90%2C970x250%2C970x90%2B728x90_3%3A728x90%2C970x250%2C970x90%2B728x90_4%3A728x90%2C970x250%2C970x90%2B728x90_5%3A728x90%2C970x250%2C970x90%2B728x90_6%3A728x90%2C970x90%2B728x90_7%3A728x90%2C970x90%2B160x600_0%3A160x600%2B160x600_1%3A160x600&ur=https%3A%2F%2Fwww.onmsft.com%2F&pbv=6.26.0&ncb=1&vs=FFFFFFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.onmsft.com%2F&e_pubcid=4d32b779-8c4b-4970-b127-677768b23296 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2eb02/1/www.onmsft.com/ROS?ct=1&r=pbjs&rnd=0.7677932252904065&e=300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2B728x90_0%3A728x90%2C970x250%2C970x90%2B728x90_1%3A728x90%2C970x250%2C970x90%2B728x90_2%3A728x90%2C970x250%2C970x90%2B728x90_3%3A728x90%2C970x250%2C970x90%2B728x90_4%3A728x90%2C970x250%2C970x90%2B728x90_5%3A728x90%2C970x250%2C970x90%2B728x90_6%3A728x90%2C970x90%2B728x90_7%3A728x90%2C970x90%2B160x600_0%3A160x600%2B160x600_1%3A160x600&ur=https%3A%2F%2Fwww.onmsft.com%2F&pbv=6.26.0&ncb=1&vs=FFFFFFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.onmsft.com%2F&e_pubcid=4d32b779-8c4b-4970-b127-677768b23296
Request Chain 220
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://u.4dex.io/setuid?bidder=appnexus&uid=4764734661110149725
Request Chain 236
  • https://bktr2-06hdl.ads.tremorhub.com/ad/tag?adCode=bktr2-g87mf&playerWidth=640&playerHeight=480&srcPageUrl=https%3A%2F%2Fwww.onmsft.com%2F&supplyCode=bktr2-06hdl&videoId=MyCoolVideo&schain=1.0,1!playwire.com,1023788,1,b3365762-3072-4051-9825-faab4b4e58f7,,&transactionId=1e3eb2c6-7282-42a4-9152-9691fb3f134a&referrer=https%3A%2F%2Fwww.onmsft.com%2F&hb=1&fmt=json HTTP 302
  • https://bktr2-06hdl.ads.tremorhub.com/ad/tag?adCode=bktr2-g87mf&playerWidth=640&playerHeight=480&srcPageUrl=https%3A%2F%2Fwww.onmsft.com%2F&supplyCode=bktr2-06hdl&videoId=MyCoolVideo&schain=1.0,1!playwire.com,1023788,1,b3365762-3072-4051-9825-faab4b4e58f7,,&transactionId=1e3eb2c6-7282-42a4-9152-9691fb3f134a&referrer=https%3A%2F%2Fwww.onmsft.com%2F&hb=1&fmt=json&_tur=T
Request Chain 248
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABh407F7jIAAA90E3B3Kg&gdpr=0
Request Chain 249
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0802220402677156ae909095&gdpr=0&gdpr_consent=
Request Chain 250
  • https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CNK5KxoNCNax3JcGEgUI6AcQAEJOaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2k9MSZwYXJ0bmVyaWQ9MTM2JnBhcnRuZXJ1c2VyaWQ9SgA
Request Chain 251
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=07030001_62f718d697abf&knw= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=07030001_62f718d697abf&gdpr=0&gdpr_consent=
Request Chain 278
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift&dcc=t
Request Chain 305
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A154E85478F14166AAF54B23048B3E21&RedC=c.clarity.ms&MXFR=23341CE4EC5267AB14F00D1BE852696F HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A154E85478F14166AAF54B23048B3E21&MUID=195BE5D44B0764A6224EF42B4A5A65EE
Request Chain 334
  • https://ad.doubleclick.net/ddm/activity/src=8731124;type=invmedia;cat=3920_0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=8731124;dc_pre=CMKt1LbuwvkCFUxdvQodFaAMzA;type=invmedia;cat=3920_0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=8731124;dc_pre=CMKt1LbuwvkCFUxdvQodFaAMzA;type=invmedia;cat=3920_0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
Request Chain 344
  • https://ad.doubleclick.net/ddm/trackimp/N510008.279382DBMMEDIACOMSINGAP1/B26546237.315508380;dc_trk_aid=508209432;dc_trk_cid=158844906;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N510008.279382DBMMEDIACOMSINGAP1/B26546237.315508380;dc_pre=CIGq1LbuwvkCFdoHXAod1FwGzA;dc_trk_aid=508209432;dc_trk_cid=158844906;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 351
  • https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Request Chain 352
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHh_iZ8_yA_tqFd5mWZ6tFk&google_cver=1
Request Chain 353
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://r.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvcY17Cq6TOXz9UsYoHfIwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHh_iZ8_yA_tqFd5mWZ6tFk&google_cver=1
Request Chain 354
  • https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHh_iZ8_yA_tqFd5mWZ6tFk&google_cver=1
Request Chain 356
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://r.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvcY17Cq6TOXz9UsYoHfIwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHh_iZ8_yA_tqFd5mWZ6tFk&google_cver=1
Request Chain 399
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3189454452451635575&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 400
  • https://match.adsrvr.org/track/cmf/openx?oxid=30dc3f53-b1d1-77cf-f769-6ebc0701abb4&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=30dc3f53-b1d1-77cf-f769-6ebc0701abb4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1&ttd_puid=30dc3f53-b1d1-77cf-f769-6ebc0701abb4&gdpr=0&gdpr_consent=
Request Chain 401
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YvcY2MCo8X4AAMgoXTYAAAAA
Request Chain 402
  • https://cr-p3.ladsp.jp/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYx0WaNoPPYHks8ADsWuAv9yWs8AAAGClTkOag
Request Chain 404
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG82nozoKLTw_SovW1A44Rw&google_cver=1
Request Chain 405
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3117396858413707639&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 406
  • https://match.adsrvr.org/track/cmf/openx?oxid=30dc3f53-b1d1-77cf-f769-6ebc0701abb4&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=30dc3f53-b1d1-77cf-f769-6ebc0701abb4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1&ttd_puid=30dc3f53-b1d1-77cf-f769-6ebc0701abb4&gdpr=0&gdpr_consent=
Request Chain 407
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YvcY2MCo8YwAAH6j-VoAAAAA
Request Chain 408
  • https://cr-p3.ladsp.jp/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATuUIgTJ60rQks8ADsaW16HPc88AAAGClTkOQg
Request Chain 410
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG82nozoKLTw_SovW1A44Rw&google_cver=1
Request Chain 414
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 424
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=01af0a18
Request Chain 428
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 429
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Drkt%26refUrl%3D%26vid%3D03609205623033625206452273000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3033625206452273000V10&type=rkt&refUrl=&vid=03609205623033625206452273000V10&ovsid=1917759393911754062
Request Chain 430
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=son&refUrl=&vid=03609205623033625206452273000V10&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=son&refUrl=&vid=03609205623033625206452273000V10&ovsid=9f2dede7-e0a8-416c-bb59-baffdef61b9f
Request Chain 431
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dcon%26refUrl%3D%26vid%3D03609205623033625206452273000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=19fa9865399820b7&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dcon%26refUrl%3D%26vid%3D03609205623033625206452273000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=con&refUrl=&vid=03609205623033625206452273000V10&ovsid=AAALmheeFssUiAMEBQc4AAAAAAA&expiration=1660447321&is_secure=true
Request Chain 432
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dopx%26refUrl%3D%26vid%3D03609205623033625206452273000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3033625206452273000V10&type=opx&refUrl=&vid=03609205623033625206452273000V10&ovsid=f8f056cc-1ad1-4d2f-9426-10d2b5ee3968
Request Chain 433
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dr1%26refUrl%3D%26vid%3D03609205623033625206452273000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dr1%26refUrl%3D%26vid%3D03609205623033625206452273000V10%26ovsid%3D%5BRX_UUID%5D&cb=1660360920768 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8516397826 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/1d21bf0c-4a0d-434d-a5b7-0628b31a7df1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dr1%26refUrl%3D%26vid%3D03609205913033625206452273000V10%26ovsid%3DRX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=r1&refUrl=&vid=03609205913033625206452273000V10&ovsid=RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004
Request Chain 434
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzAzMzYyNTIwNjQ1MjI3MzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEkU0tDb_iohjUTxiddEYm4&google_cver=1
Request Chain 435
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Ddxu%26refUrl%3D%26vid%3D03609205623033625206452273000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Ddxu%26refUrl%3D%26vid%3D03609205623033625206452273000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=dxu&refUrl=&vid=03609205623033625206452273000V10&ovsid=46mtB6UV1OmHIQ5
Request Chain 436
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f21274b8-f3ee-4fcd-9466-86de44913df2
Request Chain 437
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=f5902f6c-8f9b-44bb-af11-1df39412e0e6&google_hm=ZjU5MDJmNmMtOGY5Yi00NGJiLWFmMTEtMWRmMzk0MTJlMGU2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGYrH1-89pebrSLjsEbpqHo&google_cver=1&ssp=medianet&bsw_param=f5902f6c-8f9b-44bb-af11-1df39412e0e6 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f5902f6c-8f9b-44bb-af11-1df39412e0e6&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 438
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dzem%26refUrl%3D%26vid%3D03609205623033625206452273000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=tqzWxCyZyB15YWGOWzwF&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLUOF5FO6CDPFNHSQRRGVMVOR2PK55HORRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDGNRQHEZDANJWGIZTAMZTGYZDKMRQGY2DKMRSG4ZTAMBQKYYTAJTWONUWIPJTGAZTGNRSGUZDANRUGUZDENZTGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLUOF5FO6CDPFNHSQRRGVMVOR2PK55HORRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDGNRQHEZDANJWGIZTAMZTGYZDKMRQGY2DKMRSG4ZTAMBQKYYTAJTWONUWIPJTGAZTGNRSGUZDANRUGUZDENZTGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=tqzWxCyZyB15YWGOWzwF&refUrl=&type=zem&vid=03609205623033625206452273000V10&vsid=3033625206452273000V10
Request Chain 439
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3033625206452273000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3033625206452273000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=3e219616-e458-474a-9431-4c8145dabbc3&cs=1
Request Chain 442
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
Request Chain 443
  • https://cs.media.net/cksync?cs=35&type=tam&ovsid=setstatuscode&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3Ddcd3b62c-7a4b-4d79-a73e-c47474a8ab42%26id%3D3033625206452273000V10%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=3033625206452273000V10&gdpr=0&gdpr_consent=
Request Chain 451
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4960241744634227040&gdpr=0&gdpr_consent=
Request Chain 452
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=4764734661110149725&ex=appnexus.com
Request Chain 453
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=585789278119328662530
Request Chain 456
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 457
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzAzMzYyNTIwNjQ1MjI3MzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEkU0tDb_iohjUTxiddEYm4&google_cver=1
Request Chain 458
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Drkt%26refUrl%3D%26vid%3D03609205913033625206452273000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3033625206452273000V10&type=rkt&refUrl=&vid=03609205913033625206452273000V10&ovsid=2019090386113786897
Request Chain 459
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=9ce59d25-03af-4690-aa01-c0718bcf5d89
Request Chain 460
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=f5902f6c-8f9b-44bb-af11-1df39412e0e6&google_hm=ZjU5MDJmNmMtOGY5Yi00NGJiLWFmMTEtMWRmMzk0MTJlMGU2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGYrH1-89pebrSLjsEbpqHo&google_cver=1&ssp=medianet&bsw_param=f5902f6c-8f9b-44bb-af11-1df39412e0e6 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f5902f6c-8f9b-44bb-af11-1df39412e0e6&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 463
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
Request Chain 464
  • https://cs.media.net/cksync?cs=35&type=tam&ovsid=setstatuscode&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3Ddcd3b62c-7a4b-4d79-a73e-c47474a8ab42%26id%3D3033625206452273000V10%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=3033625206452273000V10&gdpr=0&gdpr_consent=
Request Chain 465
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=son&refUrl=&vid=03609205913033625206452273000V10&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=son&refUrl=&vid=03609205913033625206452273000V10&ovsid=9f2dede7-e0a8-416c-bb59-baffdef61b9f
Request Chain 466
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dcon%26refUrl%3D%26vid%3D03609205913033625206452273000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=45d72675ad1012ba&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dcon%26refUrl%3D%26vid%3D03609205913033625206452273000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=con&refUrl=&vid=03609205913033625206452273000V10&ovsid=AAAGpnvoVmoy_wNTbbhpAAAAAAA&expiration=1660447321&is_secure=true
Request Chain 467
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dopx%26refUrl%3D%26vid%3D03609205913033625206452273000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3033625206452273000V10&type=opx&refUrl=&vid=03609205913033625206452273000V10&ovsid=f8f056cc-1ad1-4d2f-9426-10d2b5ee3968
Request Chain 468
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dr1%26refUrl%3D%26vid%3D03609205913033625206452273000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dr1%26refUrl%3D%26vid%3D03609205913033625206452273000V10%26ovsid%3D%5BRX_UUID%5D&cb=1660360920768 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8060186016 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/1d21bf0c-4a0d-434d-a5b7-0628b31a7df1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dr1%26refUrl%3D%26vid%3D03609205913033625206452273000V10%26ovsid%3DRX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=r1&refUrl=&vid=03609205913033625206452273000V10&ovsid=RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004
Request Chain 469
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Ddxu%26refUrl%3D%26vid%3D03609205913033625206452273000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Ddxu%26refUrl%3D%26vid%3D03609205913033625206452273000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=dxu&refUrl=&vid=03609205913033625206452273000V10&ovsid=46mtB6UV1OmHIQ5
Request Chain 470
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dzem%26refUrl%3D%26vid%3D03609205913033625206452273000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=GvScvJFUp3o-eUPmKTpQ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKHOZJWG5SKIZKXAM3PFVSVKUDNJNKHAUJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDGNRQHEZDANJZGEZTAMZTGYZDKMRQGY2DKMRSG4ZTAMBQKYYTAJTWONUWIPJTGAZTGNRSGUZDANRUGUZDENZTGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKHOZJWG5SKIZKXAM3PFVSVKUDNJNKHAUJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDGNRQHEZDANJZGEZTAMZTGYZDKMRQGY2DKMRSG4ZTAMBQKYYTAJTWONUWIPJTGAZTGNRSGUZDANRUGUZDENZTGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=GvScvJFUp3o-eUPmKTpQ&refUrl=&type=zem&vid=03609205913033625206452273000V10&vsid=3033625206452273000V10
Request Chain 475
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6RC0R9W-4-M8UN&sigv=1&esig=2~7a72d59123baeec2be2a61652379c5ad31707f0a
Request Chain 476
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=l-sZCLFrT6yLcOJHEy5bcg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=l-sZCLFrT6yLcOJHEy5bcg
Request Chain 477
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEONTCybOP0wRK9NymVTKcOM&google_cver=1
Request Chain 478
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1&gdpr=0&gdpr_consent=&expires=30
Request Chain 479
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSQzBSOVctNC1NOFVO
Request Chain 480
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6RC0R9W-4-M8UN
Request Chain 481
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=L6RC0R9W-4-M8UN&ex=d-rubiconproject.com&status=ok
Request Chain 483
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=4764734661110149725
Request Chain 484
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_de3429c8-f31c-48ab-bba4-33bfe83a056e&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_de3429c8-f31c-48ab-bba4-33bfe83a056e&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=685831974341956506&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=f5902f6c-8f9b-44bb-af11-1df39412e0e6
Request Chain 485
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28dMIi38EA75YSj3T9XAFXHHnttqk5hVMNF_xqlib1iehv17u1gVy6p23n3pDKNe2p%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28dMIi38EA75YSj3T9XAFXHHnttqk5hVMNF_xqlib1iehv17u1gVy6p23n3pDKNe2p%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_de3429c8-f31c-48ab-bba4-33bfe83a056e&obuid=ENC(dMIi38EA75YSj3T9XAFXHHnttqk5hVMNF_xqlib1iehv17u1gVy6p23n3pDKNe2p) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • http://temp.com/
Request Chain 486
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=c7e19b23-99c4-4f99-9012-7e51cf51aaf2
Request Chain 487
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-c3a820f3-63ed-4e0c-6955-4fa59df7242c$ip$217.138.252.170
Request Chain 488
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-67jilTNE2peybjpts5sC2HdDS9ZAJFdgk0Iz~A
Request Chain 489
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=cf0e775b-5b17-4585-bbec-e0582fd9c7ca
Request Chain 492
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_de3429c8-f31c-48ab-bba4-33bfe83a056e&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=NTOCbqJvHHvAq2ZpOhUX&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVHFIT2DMJYUU5SIJB3EC4JSLJYE62CVLA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVHFIT2DMJYUU5SIJB3EC4JSLJYE62CVLA HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=NTOCbqJvHHvAq2ZpOhUX
Request Chain 493
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=c8461c9a-9d8c-4442-b5f7-9da8e522489f
Request Chain 494
  • https://sync.1rx.io/usersync2/floor6?gdpr=&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6656858930 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/1d21bf0c-4a0d-434d-a5b7-0628b31a7df1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dr1%26refUrl%3D%26vid%3D03609205913033625206452273000V10%26ovsid%3DRX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=r1&refUrl=&vid=03609205913033625206452273000V10&ovsid=RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004
Request Chain 495
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=tzPZ3lY2JT5A&ev=1&pid=558355
Request Chain 496
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=4960241744634227040
Request Chain 503
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=74q1bxhXzuERHSIL1BiRDg==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 504
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&uid-set=1 HTTP 302
  • https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dopenx%26uid%2Dset%3D1%26auid%3D HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&uid-set=1&auid=e9396891-64a8-44bc-bba9-98c1827fb078 HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072588&val=gB9Y-oHxHhy-l
Request Chain 505
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=536872786&val=c02b62f7-18d8-4b00-b88a-52a4b056996c
Request Chain 512
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L6RC0R9W-4-M8UN&gdpr=0&us_privacy=1YN-
Request Chain 513
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=4764734661110149725
Request Chain 514
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FIwqCRZHvmIO3p7xTrCEtb3T
Request Chain 515
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FIwqCRZHvmIO3p7xTrCEtb3T
Request Chain 516
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiMzBlMDNjMjctNjNkMi00NGI5LTk2MDQtOGM5NTI0Y2VlMDM4IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0xM1QwMzoyMjowMS4zODMyOTdaIn0=
Request Chain 517
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1660360920768 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1126292566 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/1d21bf0c-4a0d-434d-a5b7-0628b31a7df1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dr1%26refUrl%3D%26vid%3D03609205913033625206452273000V10%26ovsid%3DRX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=r1&refUrl=&vid=03609205913033625206452273000V10&ovsid=RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004
Request Chain 518
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1976306189285439071
Request Chain 519
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=9f2dede7-e0a8-416c-bb59-baffdef61b9f
Request Chain 520
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F240%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Da4e7651c-637e-4eb8-b59d-30a648ca1c4b%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D
Request Chain 521
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-bPMF8CRE2uF2THiIJjih4uwZaFWjJTDSw57LycI-~A
Request Chain 522
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=1e92927f-84d0-dd39-ffb6-b48aee34b56b
Request Chain 523
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-bPMF8CRE2uF2THiIJjih4uwZaFWjJTDSw57LycI-~A
Request Chain 525
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=ba1962f7-18d8-4a00-a053-d0020e80600f&gdpr=&gdpr_consent=
Request Chain 526
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YvcY2AAGBwlDkgAK HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=YvcY2AAGBwlDkgAK&gdpr=&gdpr_consent=&_test=YvcY2AAGBwlDkgAK
Request Chain 529
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
Request Chain 531
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=YvcY2MCo8X4AAMgoXUsAAAAA
Request Chain 532
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=UOmxQYPAALeX7gjU01xi&pi=gumgum&tc=1
Request Chain 533
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 535
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L6RC0R9W-4-M8UN HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L6RC0R9W-4-M8UN
Request Chain 536
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=4764734661110149725
Request Chain 537
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_de3429c8-f31c-48ab-bba4-33bfe83a056e&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2285538726722248733&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=f5902f6c-8f9b-44bb-af11-1df39412e0e6
Request Chain 538
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%287dTFBhx3ZBoZuGxwwiMjrO5UcvAIZxoFkBCI4rcVbiwDsAlk6pWFxET5_7LgOVow%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%287dTFBhx3ZBoZuGxwwiMjrO5UcvAIZxoFkBCI4rcVbiwDsAlk6pWFxET5_7LgOVow%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_de3429c8-f31c-48ab-bba4-33bfe83a056e&obuid=ENC(7dTFBhx3ZBoZuGxwwiMjrO5UcvAIZxoFkBCI4rcVbiwDsAlk6pWFxET5_7LgOVow) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3D7dTFBhx3ZBoZuGxwwiMjrO5UcvAIZxoFkBCI4rcVbiwDsAlk6pWFxET5_7LgOVow%26gdpr%3D$GDPR_APPLIES%26gdpr_consent%3D$CONSNT_STRING HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=smart&uid=4960241744634227040&obUid=7dTFBhx3ZBoZuGxwwiMjrO5UcvAIZxoFkBCI4rcVbiwDsAlk6pWFxET5_7LgOVow&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
Request Chain 539
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=c7e19b23-99c4-4f99-9012-7e51cf51aaf2
Request Chain 540
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-f31f7f4c-6281-4bf8-4cc4-6126294317d2$ip$217.138.252.170
Request Chain 541
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-67jilTNE2peybjpts5sC2HdDS9ZAJFdgk0Iz~A
Request Chain 542
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=12555789-e34f-4b1b-9d3d-a08d66fcdb47
Request Chain 545
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_de3429c8-f31c-48ab-bba4-33bfe83a056e&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=o544vs0B1ldF4SvIuohK&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23ZVGQ2HM4ZQIIYWYZCGGRJXMSLVN5UEWJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23ZVGQ2HM4ZQIIYWYZCGGRJXMSLVN5UEWJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=o544vs0B1ldF4SvIuohK&us_privacy=1---
Request Chain 546
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=c8461c9a-9d8c-4442-b5f7-9da8e522489f
Request Chain 547
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8611154134 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/1d21bf0c-4a0d-434d-a5b7-0628b31a7df1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dr1%26refUrl%3D%26vid%3D03609205913033625206452273000V10%26ovsid%3DRX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=r1&refUrl=&vid=03609205913033625206452273000V10&ovsid=RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004
Request Chain 548
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=mIq75Rb5fCOf&ev=1&pid=558355
Request Chain 549
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=4960241744634227040
Request Chain 556
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=e3a462f7-18d8-4000-8222-2d03a6456a3e&gdpr=0&gdpr_consent=
Request Chain 557
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YvcY2AAGB6JGTAAK HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=YvcY2AAGB6JGTAAK&gdpr=0&gdpr_consent=&_test=YvcY2AAGB6JGTAAK
Request Chain 560
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
Request Chain 562
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=YvcY2MCo8X4AAMgoXUsAAAAA
Request Chain 563
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=UOmxQYPAALeX7gjU01xi&pi=gumgum&tc=1
Request Chain 564
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 566
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDk2MDI0MTc0NDYzNDIyNzA0MA==&gdpr=0&gdpr_consent=
Request Chain 567
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f5902f6c-8f9b-44bb-af11-1df39412e0e6&ssp=smartadserver&gdpr=0&gdpr_consent=
Request Chain 568
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=5e1b9faa-bfbb-4cf0-9fd1-403fe2974a7d&gdpr=0&gdpr_consent=
Request Chain 569
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=ORk16T4TN-ciGWHmbEp-7j0eMO4iTmrqaR29d3Di
Request Chain 571
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=4764734661110149725
Request Chain 572
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1&gdpr=0&gdpr_consent=
Request Chain 573
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1&gdpr=0&gdpr_consent=
Request Chain 574
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://b1sync.zemanta.com/usersync/sharethrough/ HTTP 302
  • https://stags.bluekai.com/site/23178?id=2mBIJSipobBfkwaONTAX&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZZW65LSMNSV62LEHVQTOOJTGUZTANJYGE2GMODDGVSTEYJTGRRGCNJUEZZW65LSMNSV65LTMVZF62LEHUZG2QSJJJJWS4DPMJBGM23XMFHU4VCBLA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZZW65LSMNSV62LEHVQTOOJTGUZTANJYGE2GMODDGVSTEYJTGRRGCNJUEZZW65LSMNSV65LTMVZF62LEHUZG2QSJJJJWS4DPMJBGM23XMFHU4VCBLA HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=2mBIJSipobBfkwaONTAX
Request Chain 576
  • https://rtb.mfadsrvr.com/sync?&ssp=yieldmo HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?&ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=1cc0970c-2451-456c-8b60-71b9d375677d&gdpr=&gdpr_pd=&gdpr_consent=
Request Chain 577
  • https://yieldmo-match.dotomi.com/match/bounce/current?&networkId=42851&version=1 HTTP 302
  • https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=681a59e96b12025&is_secure=true&=&networkId=42851&version=1 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AAAGpzHOd238hgNA-yQ9AAAAAAA&expiration=1660447321&=&is_secure=true
Request Chain 578
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g6dadd510c8b21ad617b HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
Request Chain 579
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=4764734661110149725&pn_id=an
Request Chain 588
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L6RC0R9W-4-M8UN HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=L6RC0R9W-4-M8UN
Request Chain 601
  • https://gcdn.2mdn.net/videoplayback/id/ffb9dc06f5c3e529/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3801746010/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/43FA36CF44C717575E940C3011AF827E16C8FF65.85130691D0F02CD68429ECE25D6FC8345E6C577A/key/ck2/file/file.mp4?cpn=P0IHTQnP6-C70rCF HTTP 302
  • https://r4---sn-oguesn6d.c.2mdn.net/videoplayback/id/ffb9dc06f5c3e529/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3801746010/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0FEFC7A7C99330B5C2EAFD0CD8C8823D1F1BD0A0.1EDB78283187ED3A4FDC2CA2AF9BAB2EFBDBFFE3/key/cms1/cms_redirect/yes/mh/1c/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguesn6d/ms/onc/mt/1660360114/mv/m/mvi/4/pl/48?cpn=P0IHTQnP6-C70rCF&file=file.mp4
Request Chain 612
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvIn8kCEOKvotkCGPe59M4BIAEwAQ&v=APEucNVRyx4sJjEXiEYJgVPApmmXjd6UkxVO9Hjf2Pkpu6_BgYF-KhzMkC2KC-p8k6EbBcCxcHmL_-Dqv6_oCQHi-5-Juf9gZrn-AVqHm6_PLoTvh0Mc6sI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adingo_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://cs.adingo.jp/sync/?from=dbm&id=CAESEJGYIzf0rcmxcS-R4-pI9zA&google_cver=1&gdpr=0
Request Chain 626
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Request Chain 632
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Request Chain 634
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 635
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1660360922993.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 636
  • https://ssc-cms.33across.com/ps/?_=1660360922993.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://u.4dex.io/setuid?bidder=33across&uid=117870380020475
Request Chain 637
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dthe33across%26bsw_param%3Df5902f6c-8f9b-44bb-af11-1df39412e0e6%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=6d5b18776b554e40a505a57c32996d0c&ssp=the33across&bsw_param=f5902f6c-8f9b-44bb-af11-1df39412e0e6&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=f5902f6c-8f9b-44bb-af11-1df39412e0e6 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=f5902f6c-8f9b-44bb-af11-1df39412e0e6&ts=1660360923&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 638
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1660360922993.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=c02b62f7-18d8-4b00-b88a-52a4b056996c
Request Chain 639
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1660360922993.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=4764734661110149725
Request Chain 640
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=O6sNR2L3GNo%2Bsn6KPu%2F7fA%3D%3D&us_privacy=&_rand=1660360922993.7 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_puuid=O6sNR2L3GNo%2Bsn6KPu%2F7fA%3D%3D&_pu HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_puuid=O6sNR2L3GNo%2Bsn6KPu%2F7fA%3D%3D&_pu&_expected_cookie=01e45ee99c42686f2e2ee8258675d878
Request Chain 641
  • https://map.go.affec.tv/map/3a/?pid=O6sNR2L3GNo%2Bsn6KPu%2F7fA%3D%3D&us_privacy=&ts=1660360922993.8 HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D62f718db0cba3f000143c900%26chc%3Dtt%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D HTTP 302
  • https://map.go.affec.tv/map/an/4764734661110149725?ch=62f718db0cba3f000143c900&chc=tt&gdpr=&gdpr_consent=&redirect_url= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&ch=62f718db0cba3f000143c900&chc=tt%7Can&gdpr=&gdpr_consent=&redirect_url= HTTP 302
  • https://map.go.affec.tv/map/ttd/1d21bf0c-4a0d-434d-a5b7-0628b31a7df1?ttd_puid=&gdpr=0&gdpr_consent=
Request Chain 642
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=O6sNR2L3GNo%2Bsn6KPu%2F7fA%3D%3D&us_privacy=&random=1660360922993.9&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=O6sNR2L3GNo%2Bsn6KPu%2F7fA%3D%3D&us_privacy=&random=1660360922993.9&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=b6666516-47ac-4666-a42b-44896fe45ab8&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3Db6666516-47ac-4666-a42b-44896fe45ab8%252C HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=b6666516-47ac-4666-a42b-44896fe45ab8&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3Db6666516-47ac-4666-a42b-44896fe45ab8%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=18364271378211970333985419335626303420&pt=b6666516-47ac-4666-a42b-44896fe45ab8%2C
Request Chain 643
  • https://dp1.33across.com/ps/?pid=669&uid=O6sNR2L3GNo%2Bsn6KPu%2F7fA%3D%3D&us_privacy=&random=1660360922993.10 HTTP 302
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=117870380020475&seg_code=33x&random=1660360923
Request Chain 644
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=L6RC0R9W-4-M8UN HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=L6RC0R9W-4-M8UN
Request Chain 646
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L6RC0R9W-4-M8UN HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L6RC0R9W-4-M8UN HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L6RC0R9W-4-M8UN&ts=1660360923&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 648
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=6e3bedabba1a20b7&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALn2vcDoznwAMgsHrRAAAAAAA&expiration=1660447323&nuid={OX_USER_ID}&is_secure=true
Request Chain 650
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=5B4E008793F54505B5A6F2E58C09A7F8
Request Chain 653
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=46mtB6UV1OmHIQ5
Request Chain 654
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YvcY2AAGB6JGTAAK
Request Chain 656
  • https://bk.r-ad.ne.jp/3/cs HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=4zx3M300YBDGa007uoNM
Request Chain 670
  • https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=c8461c9a-9d8c-4442-b5f7-9da8e522489f
Request Chain 740
  • https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Damb%26refUrl%3D%26vid%3D03609205623033625206452273000V10%26ovsid%3D%23USER_ID%23 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=amb&refUrl=&vid=03609205623033625206452273000V10&ovsid=3189454452451635575
Request Chain 744
  • https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Damb%26refUrl%3D%26vid%3D03609205913033625206452273000V10%26ovsid%3D%23USER_ID%23 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=amb&refUrl=&vid=03609205913033625206452273000V10&ovsid=3189454452451635575

738 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.onmsft.com/
Redirect Chain
  • http://www.onmsft.com/
  • https://www.onmsft.com/
174 KB
28 KB
Document
General
Full URL
https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87116b7a6726a61f4667e80412eef95b2da85386dd97fc9be7b063bbe770ef95
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-apo-via
origin,page-rules
cf-cache-status
BYPASS
cf-ray
739e52c84900afd6-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 13 Aug 2022 03:21:55 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Sat, 13 Aug 2022 03:20:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BgYyFHlzB1rmDZiPXcuaFLihoJi7%2B9QVAhyad7%2FP9sYm7VxnY0aIQdJWgvTw3ALcWm%2BffuZeGI%2BlKkwMLL75Tx5aZ58UdTYHU5kFV3KM4t%2BGRvNelA8ah%2FELIwBxlvH"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
739e52c7c8ad80ab-NRT
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 13 Aug 2022 03:21:55 GMT
Expires
Sat, 13 Aug 2022 04:21:55 GMT
Location
https://www.onmsft.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgpbxIzn4PfM95B%2BotKtSvLVB5YEvXfwP%2BqMXBrdUR0mpaVcinQ%2BQNSmmtwSsLUJriU5eJFezW08oUWC6ofvVLlj4k1LxVkHye2kTwNb29eM09UYUAWHlFHiuLFYlecI"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ramp.js
cdn.intergient.com/
153 KB
46 KB
Script
General
Full URL
https://cdn.intergient.com/ramp.js
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:0:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
3575f055d3eb04c4a4957e4d42f10e1faf131bc5dc1b57afc23a31d16b2882a5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:55 GMT
content-encoding
br
server
CloudFront
x-amz-cf-pop
NRT57-C3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 2abe7c09e4d4e443ea558b0b94988836.cloudfront.net (CloudFront)
x-lambda-function
us-east-1.pageos_production:140
cache-control
max-age=600, public, must-revalidate
x-amz-cf-id
zS0bffQ88kiBtwW45Vk2-1oqADLSp3um4AxDk9CE-6owWcTOGnO4kA==
style.min.css
www.onmsft.com/wp-includes/css/dist/block-library/
87 KB
12 KB
Stylesheet
General
Full URL
https://www.onmsft.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17345
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 13 Jul 2022 04:20:26 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"62ce480a-15b64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHrt95OyLzl4K7FMToDULV9Gxnw4U61%2BQzUkW5qZdO5Z8McoBt4SwFXUUIXEumLA8ErHNkrXjva37UUGPr9Qupczg8ciu%2BvAM1%2BN5u8%2F3hiEBWYvFMkCPSrVoxKvVRgI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000
cf-ray
739e52cb7d7eafd6-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
mediaelementplayer-legacy.min.css
www.onmsft.com/wp-includes/js/mediaelement/
11 KB
3 KB
Stylesheet
General
Full URL
https://www.onmsft.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17345
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f735862-2bf8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGmR8ONP5FHVUrMk8DJFZ1h3J5%2BEbAx0obOjyUyO3hyVaSxjRFYE0e7cKFkUQlQNL4pkL1883oTrIiaC8IVMUwK5CjwonNNsHNjKdTc0PT9R9FDQ7ygO1aJI%2FMT1NYB0"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000
cf-ray
739e52cb7d80afd6-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-mediaelement.min.css
www.onmsft.com/wp-includes/js/mediaelement/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.onmsft.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.1
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17345
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5cfaccce-105a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJee%2Baz2tUeie7Etvj3DFU7JPNxyN%2BdPidnCqhXgiUIvECvg%2FrBbCFYyjeMVRvKJIsEIuc%2Fd2lBmhLmH1D1XO2XWcgDHQbzoyizEpW%2BIyTkKnNTZdMepwOnS3MRLHS36"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000
cf-ray
739e52cb7d85afd6-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
secondline-psb-styles.css
www.onmsft.com/wp-content/plugins/podcast-subscribe-buttons/assets/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.onmsft.com/wp-content/plugins/podcast-subscribe-buttons/assets/css/secondline-psb-styles.css?ver=6.0.1
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10874bfbd8b6d4a52eadf63e448622161b6d7f174084758557c12cfd22f38d36
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17345
cf-polished
origSize=6514
strict-transport-security
max-age=15552000; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 26 May 2022 16:48:08 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"628faf48-1972"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WN3Cup04h8AyO%2BkG1jefUcOtXzsbO7CWZCWBJm5cokEw7VG%2B2HIl3IRIqVCTdW7xD6ethPWG5eNsZsxYkvwzWVAqwibzcqOBzetJnzByH50dYnwJR0au90zfaOIb%2FO22"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
max-age=315360000
cf-ray
739e52cb7d86afd6-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-show-posts-min.css
www.onmsft.com/wp-content/plugins/wp-show-posts/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.onmsft.com/wp-content/plugins/wp-show-posts/css/wp-show-posts-min.css?ver=1.1.3
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3982be2c95b6e0cc6918d2a1c8d993a812a0873a393acb8b5a65c0dafa68e0a8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17345
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 12 Jan 2021 01:53:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5ffd0129-d9e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCaTDB%2Bhy%2Fg%2BL5wbtNPh0s%2FwF6p0AkML4KoIXD73I7Hm4BQEGs0CcXc7%2FgBVIJMBPOxQtJwQJrPl8KfS3h1ECAUDFIwndHqat7Xyp5NAfFtMBBr1DejHB%2BqRwjCWAdZT"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000
cf-ray
739e52cb7d87afd6-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-show-posts.min.css
www.onmsft.com/wp-content/plugins/wp-show-posts-pro/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.onmsft.com/wp-content/plugins/wp-show-posts-pro/css/wp-show-posts.min.css?ver=1.0.0
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da05e8d8fd53ff2e65e53a572be3999483ca18f9a72c4bbd66ab1098c4946210
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17345
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Mon, 18 Jan 2021 23:50:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"60061eb4-1c17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtHdmR%2B9KwnRCOYou3ipKNbZmAHig95QYjngEQGUp%2BeLMFPMWv6EMddeW887zxkKGYdTcOEpeRqm5i%2FgF2XZ%2BjCVYWvGpDHATYrsMRLdVKuOemnxbnWqmPfxQPU63%2FAw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000
cf-ray
739e52cb7d88afd6-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
wpp.css
www.onmsft.com/wp-content/plugins/wordpress-popular-posts/assets/css/
438 B
546 B
Stylesheet
General
Full URL
https://www.onmsft.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.0.3
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a391e09587513aa78421c34ed482a17a5e003c2132edd96227d53831a131b0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17345
cf-polished
origSize=1672
strict-transport-security
max-age=15552000; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 25 Jul 2022 13:46:03 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"62de9e9b-688"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNRofmbp69EqFmwLp9ozl46rNv6iZdN9B3e1pC7jwtXQxJ3OUXMoAhwWZElxq1cD385g28gXUGaOebVC%2F4jCRe3cbiQA1i9EhRl9AiO9S%2FnuU5RTVKKUdfKku7RWcUZ5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
max-age=315360000
cf-ray
739e52cb7d89afd6-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
www.onmsft.com/wp-content/themes/generatepress/
0
321 B
Stylesheet
General
Full URL
https://www.onmsft.com/wp-content/themes/generatepress/style.css?ver=6.0.1
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17345
cf-polished
origSize=1950
strict-transport-security
max-age=15552000; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 09 Feb 2022 22:58:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6204471a-79e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zskx0PLaJjgoyZeHsVTbepnDU4csf6njh4nBpxAVGehFNtDBXo8bhfpNfYdBRsGCtI1I4kBjGctF6b%2FVxKFPVRsomJjuZ%2FS6OU9hYZjNlsmI2hZ34y5UCpHPYAIdlDIu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
max-age=315360000
cf-ray
739e52cb7d8aafd6-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
fabric.min.css
static2.sharepointonline.com/files/fabric/office-ui-fabric-core/11.0.0/css/
331 KB
32 KB
Stylesheet
General
Full URL
https://static2.sharepointonline.com/files/fabric/office-ui-fabric-core/11.0.0/css/fabric.min.css?ver=6.0.1
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.10.7.242 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-7-242.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a934621dc97e4ded859fe0b4855b8a5359575f95b723812c92d776b4d98abc77

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 13 Aug 2022 03:21:55 GMT
content-encoding
gzip
last-modified
Mon, 22 Jun 2020 16:27:32 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D816C92A4A834D
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
37691312-b01e-0007-7ead-98ec78000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=28868459
x-ms-version
2009-09-19
content-length
32705
widget-areas.min.css
www.onmsft.com/wp-content/themes/generatepress/assets/css/components/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.onmsft.com/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.1.3
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17345
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 09 Feb 2022 22:58:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6204471a-d1e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akm5fHGvzqXRWXGWvmYCTOw7%2B1RSkqhJvt9Fi9Brint5lRK8cx4HVxeQrAdHNl384Q%2BBuPvMYARcdlbswxZmag1pKEDFyvExisMmqlnF%2FlCanBpPDIGbH4ZEPnZmUQlr"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000
cf-ray
739e52cb7d8bafd6-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.min.css
www.onmsft.com/wp-content/themes/generatepress/assets/css/
19 KB
5 KB
Stylesheet
General
Full URL
https://www.onmsft.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.1.3
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33a3b2b4bb13ccc6ea24e09ac28cf3934212a8191289ff8e032b8a25d84997f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17345
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 09 Feb 2022 22:58:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6204471a-4c36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qFKbHpsyplDkDFYTCeHx6IaOYb77A%2BsA3p6XynlZLkxzliAh7SEz2vO2aDVve70ZL2%2FPOKSoAuQlYduM6aHmsFamuVT504EGDJ4g7dniw4M0DMBV%2F8y0G7rlNO4bBVg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000
cf-ray
739e52cb7d8dafd6-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
widget.min.css
www.onmsft.com/wp-content/plugins/disqus-conditional-load-pro/assets/css/
1 KB
677 B
Stylesheet
General
Full URL
https://www.onmsft.com/wp-content/plugins/disqus-conditional-load-pro/assets/css/widget.min.css?ver=6.0.1
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
608df1d6ecc4720a3cddee4abdb6e9da22c0a52c6fdb2b3f37ac21d8507f0122
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 24 Mar 2021 16:37:29 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"605b6ac9-564"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEo1v0TOYGE71jiK4mtipXXVkISDumxChQnT06nR6TM6V4sq%2F%2BP2aGiCQ0i06T60jLNwi0VEIItf4YNyLK0qACsG3vnLTr968bwH0llgp9uFSwoiRxy7t3yIlmzXmYUW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000
cf-ray
739e52cb7d8eafd6-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
default.min.css
www.onmsft.com/wp-content/plugins/tablepress/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.onmsft.com/wp-content/plugins/tablepress/css/default.min.css?ver=1.14
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17345
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 20 Jul 2021 17:46:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"60f70c0f-13e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZLttss84buqhpRewFU5SEzTQ9L4lOA6Lw3M6dA%2FRWsJixzJg6bZRCgAMNjC4JL3q%2B3OFU41N3A0MlffyYhdMf6fzL8LjOCpedETKpRzogoxkfvGCb7DuiKh6cBzosIE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000
cf-ray
739e52cb7d8fafd6-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.min.css
www.onmsft.com/wp-content/uploads/generatepress/
9 KB
2 KB
Stylesheet
General
Full URL
https://www.onmsft.com/wp-content/uploads/generatepress/style.min.css?ver=1659840447
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
422a3e6965dd74fbf1fe43a012a1d5664d5904809ab03995bd62b1154c907488
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17345
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Sun, 07 Aug 2022 02:47:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"62ef27bf-2479"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91AKJ1vVkeGUEIxePgNl2LAJBQ9jpfdIwhh6dBhFK25wVd6Tn99EIxrFt3lhxreK66kyw5920KxSrLQbJ02TaVDrn61XWhDrjkQCfaJK7AvfAly%2BTJKsTMYc%2Fi83612Q"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000
cf-ray
739e52cb7d91afd6-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
www.onmsft.com/wp-content/themes/gp2022-child/
7 KB
3 KB
Stylesheet
General
Full URL
https://www.onmsft.com/wp-content/themes/gp2022-child/style.css?ver=1653321427
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38330a00f8205c7d062beed5fb3bade5f660758f43376ca3a8cbd71a010c7cac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17345
cf-polished
origSize=9602
strict-transport-security
max-age=15552000; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 23 May 2022 15:57:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"628baed3-2582"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dHVp7CCx4AOb9MyJ0knUq8dVavT8kDmSf5SWmvlLV6pIDbJSCg4ew9M84kYWqb4dDWFLpO1aahz4Z47E71FgbdykAChjaq0KmXDhXPgHBhFlK2YSYmhyI1xb1ilJnId1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
max-age=315360000
cf-ray
739e52cb7d93afd6-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.min.css
www.onmsft.com/wp-content/plugins/gp-premium/secondary-nav/functions/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.onmsft.com/wp-content/plugins/gp-premium/secondary-nav/functions/css/main.min.css?ver=2.1.2
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b8ea3665c171dfb165266c135c84516e4add691e3ecbf4f03b3272557cb70e2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17345
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 09 Feb 2022 22:58:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6204470c-1d07"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDdbuzU1%2FXa%2F8u90K9uS3yDkirDsW5HnmNduf6t31%2Fcq4AACYbj%2FgaYQEYTTeB%2BCLTFqkwtMb9hTWi0qtFTd89tA5e63LO9323sEEqvr0Aw8urF3QQnOPZ8453o8Hj%2BP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000
cf-ray
739e52cb7d95afd6-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
main-mobile.min.css
www.onmsft.com/wp-content/plugins/gp-premium/secondary-nav/functions/css/
3 KB
979 B
Stylesheet
General
Full URL
https://www.onmsft.com/wp-content/plugins/gp-premium/secondary-nav/functions/css/main-mobile.min.css?ver=2.1.2
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df88df96f09d9747755aa2b1f44bc857078fe9a8b6807897ed99d366d7271b20
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17345
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 09 Feb 2022 22:58:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6204470c-a23"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcbgc7EnPg%2BKTdqdxUbcKJHzcC67G7bMSkKM6eiQel5vlWc8R7zSCqDDRPHLcnAjtL1AYfgDst1cTSvLgc8cWVfqWfBrgLjMW%2BxUt%2BXfufs167zSMLdCb24dGgJEYsxm"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000
cf-ray
739e52cb7d96afd6-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
offside.min.css
www.onmsft.com/wp-content/plugins/gp-premium/menu-plus/functions/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.onmsft.com/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=2.1.2
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e0a0cbd95b4ea35efc98fbff81df090292953d6da6e3f89c609993a672849c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17345
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 09 Feb 2022 22:58:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6204470c-1730"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSGKrvml%2Blon3UFySMUrMDaXFSZUH1FaUoLRqQHMS2ifzGVXWaflgb95UZH41ahQ9S0bW3WmHrrTPBSZ4F%2FfwwKnumZLcl%2BtT2rgex0KWdYq%2BzlRB1qBJMVQKN5RAJuZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000
cf-ray
739e52cb7d97afd6-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
navigation-branding-flex.min.css
www.onmsft.com/wp-content/plugins/gp-premium/menu-plus/functions/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.onmsft.com/wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding-flex.min.css?ver=2.1.2
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c8eb7fd8354e29e58e77290872b6e05a65404a4d16fe26996b72b6f2f606281
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17345
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 09 Feb 2022 22:58:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6204470c-a06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxRKBUWBw9Y7zpcaqQkuv7mXQsrcpNueMjObkjm0iLUFtIuGe3WQKVrA96sRDcCegUyC%2BQwVV0gPFc98B9RnvjmpveO%2FMKTQ1gE5LD8MTayEUaL1n6Hge%2BfWZCpBKQD8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000
cf-ray
739e52cb7d98afd6-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
jetpack.css
www.onmsft.com/wp-content/plugins/jetpack/css/
84 KB
17 KB
Stylesheet
General
Full URL
https://www.onmsft.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.2
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c552d123b46d213f451750ceb2d6e5a8852824b0bc9f7e32a0224d2eabd06698
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17345
cf-polished
origSize=85690
strict-transport-security
max-age=15552000; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Aug 2022 16:43:57 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"62e9544d-14eba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mw1eL2%2F6zimaZIM9KO%2F4vH6X6L9X%2FOOf61p%2Bo2QKrypjy5s%2B%2FFsrhcZPUtpsEZ2YD0Z3vmACpIiKS74oKB1RMy5I09RryxZYshUiIDyoZKPit632z%2BQ7Yrgyw6gDePxb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
max-age=315360000
cf-ray
739e52cb7d99afd6-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
microsoft-exterior-logo-pexels-640x480.jpg
ehsw47mb2ee.exactdn.com/wp-content/uploads/2022/08/
11 KB
12 KB
Image
General
Full URL
https://ehsw47mb2ee.exactdn.com/wp-content/uploads/2022/08/microsoft-exterior-logo-pexels-640x480.jpg?strip=all&lossy=1&ssl=1
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.162.249 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-714.bunnyinfra.net
Software
BunnyCDN-SG-714 /
Resource Hash
4e3af35d6bd2cc8cf6c635e81110bf42b20016dfb08f0ba3072a57daa725309f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
x-content-type-options
nosniff
cdn-edgestorageid
867
access-control-allow-origin
*
cdn-cachedat
08/10/2022 15:05:05
cdn-pullzone
369249
content-length
11362
server
BunnyCDN-SG-714
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires
Thu, 10 Aug 2023 14:37:53 GMT
last-modified
Wed, 10 Aug 2022 14:37:53 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
content-type
image/webp
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-uid
282460b1-e21e-44b6-a162-b4892cda4727
cdn-requestid
002ae5404aec3970ced4ba9fb53756a1
cdn-requestcountrycode
JP
link
<https://www.onmsft.com/wp-content/uploads/2022/08/microsoft-exterior-logo-pexels-640x480.jpg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Oneoutlook-200x150.jpg
ehsw47mb2ee.exactdn.com/wp-content/uploads/2022/05/
4 KB
5 KB
Image
General
Full URL
https://ehsw47mb2ee.exactdn.com/wp-content/uploads/2022/05/Oneoutlook-200x150.jpg?strip=all&lossy=1&ssl=1
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.162.249 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-714.bunnyinfra.net
Software
BunnyCDN-SG-714 /
Resource Hash
0757f9ceb9f7df4adc4894dbb8bb3cd4c1340d7ce5798c20c6bdfb641ca48c99
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
x-content-type-options
nosniff
cdn-edgestorageid
783
access-control-allow-origin
*
cdn-cachedat
08/11/2022 14:06:59
cdn-pullzone
369249
content-length
4082
server
BunnyCDN-SG-714
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires
Fri, 11 Aug 2023 13:55:35 GMT
last-modified
Thu, 14 Jul 2022 07:22:53 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
content-type
image/webp
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-uid
282460b1-e21e-44b6-a162-b4892cda4727
cdn-requestid
f14131b9be491964ebaa82ebb19c9f94
cdn-requestcountrycode
JP
link
<https://www.onmsft.com/wp-content/uploads/2022/05/Oneoutlook-200x150.jpg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
hard-drive.jpg
ehsw47mb2ee.exactdn.com/wp-content/uploads/2022/08/
21 KB
22 KB
Image
General
Full URL
https://ehsw47mb2ee.exactdn.com/wp-content/uploads/2022/08/hard-drive.jpg?strip=all&lossy=1&w=877&ssl=1
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.162.249 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-714.bunnyinfra.net
Software
BunnyCDN-SG-714 /
Resource Hash
97ef77f003a8992876879cab655f28a13ebf43d0bb2fa1f10e7bd6c79b7366eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
x-content-type-options
nosniff
cdn-edgestorageid
784
access-control-allow-origin
*
cdn-cachedat
08/12/2022 15:02:29
cdn-pullzone
369249
content-length
21936
server
BunnyCDN-SG-714
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires
Sat, 12 Aug 2023 15:02:29 GMT
last-modified
Fri, 12 Aug 2022 15:02:16 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
content-type
image/webp
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-uid
282460b1-e21e-44b6-a162-b4892cda4727
cdn-requestid
cb8e9f2557ddb2cb6c9116cb8da3448d
cdn-requestcountrycode
JP
link
<https://www.onmsft.com/wp-content/uploads/2022/08/hard-drive.jpg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Asset-2@2x.png
ehsw47mb2ee.exactdn.com/wp-content/uploads/2021/03/
1 KB
2 KB
Image
General
Full URL
https://ehsw47mb2ee.exactdn.com/wp-content/uploads/2021/03/Asset-2@2x.png?strip=all&lossy=1&ssl=1
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.162.249 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-714.bunnyinfra.net
Software
BunnyCDN-SG-714 /
Resource Hash
0fac76018e05fc11d382cb270a754b5219f5ec8fb7c453548839bfd2c825e84f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
x-content-type-options
nosniff
cdn-edgestorageid
858
access-control-allow-origin
*
cdn-cachedat
06/24/2022 14:36:59
cdn-pullzone
369249
content-length
1212
server
BunnyCDN-SG-714
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires
Wed, 07 Jun 2023 13:10:02 GMT
last-modified
Mon, 06 Jun 2022 15:07:51 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
content-type
image/webp
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-uid
282460b1-e21e-44b6-a162-b4892cda4727
cdn-requestid
62c785b9b4d2e7b7da89150d56c2aec8
cdn-requestcountrycode
JP
link
<https://www.onmsft.com/wp-content/uploads/2021/03/Asset-2@2x.png>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
style-min.css
www.onmsft.com/wp-content/plugins/lightweight-social-icons/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.onmsft.com/wp-content/plugins/lightweight-social-icons/css/style-min.css?ver=1.1
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14b307ca014eb6ef91b493be723343b71a1b8e876d20522e794cbe74c8f7cd6a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17345
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 12 Jan 2021 01:53:41 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5ffd0125-1f35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BWVz39oP9R3b%2FBDDOJX1vN1MnJQw68TtztbLM05E3WsOnqjrNZtnEkiRVTBKAszvm%2Bf29gGStDFmEoYZlOHOd9fAPhqQ86qk7dKjAkNI3SAUE416rGQbiZLMpt4fnv%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000
cf-ray
739e52cd0d1480e7-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
embed.min.js
www.onmsft.com/wp-content/plugins/disqus-conditional-load-pro/assets/js/
1 KB
1 KB
Script
General
Full URL
https://www.onmsft.com/wp-content/plugins/disqus-conditional-load-pro/assets/js/embed.min.js?ver=11.0.6
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5d613b2da852cab0efedfdd06cc307bf21940b81f22b10f7dba9df228ebde73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17345
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 24 Mar 2021 16:37:29 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"605b6ac9-518"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H2Xd0QfWpJGInWfFoFmT8TWFkNN23g2tJSyk49bRnPg13S0qWbLBoda2nyH1K46eJox5Evger%2BwzaB6QQJJlDLWpzZ5heTaYiLuw4drgKRfobfZIsHw%2F7fBHiJywL3xG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
739e52cee80f80e7-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
rocket-loader.min.js
www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
last-modified
Tue, 09 Aug 2022 17:04:07 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"62f29387-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeciXN4e6CA4PvwN7oZW5NE1kF7sAXxLeHeGng3tVigxjtx%2B3wxmFLEMIkb5MDKU0vziTfAAklgImbxE34H%2B%2F3n3RW3cg%2BS%2BWyWSDiIA4oYJg8WnJQLVIE0RP9Grv5I4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
739e52cee81080e7-NRT
expires
Mon, 15 Aug 2022 03:21:56 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://www.onmsft.com/
Origin
https://www.onmsft.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
739e52cf2a841ed8-NRT
css2
fonts.googleapis.com/
8 KB
780 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&display=swap
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/wp-content/themes/gp2022-child/style.css?ver=1653321427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
16acd59986e2efe7c9b34149898876c0686b508346271954c51b26ab5267efc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 03:21:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 13 Aug 2022 03:21:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Aug 2022 03:21:55 GMT
css2
fonts.googleapis.com/
1 KB
910 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;600&display=swap
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/wp-content/themes/gp2022-child/style.css?ver=1653321427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d73f9d83affe674000559d4bd566b7509d85e7cd3c0856410f3b08f242e102a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 03:21:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 13 Aug 2022 03:21:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Aug 2022 03:21:55 GMT
videoCard.01fa78e7064a386f48fc.js
cdn.intergient.com/pageos/1.8.13/
554 B
898 B
Script
General
Full URL
https://cdn.intergient.com/pageos/1.8.13/videoCard.01fa78e7064a386f48fc.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:0:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df49112f965565d7af2a8ac08e7000ab6c2731ced4340c2b6c89a8097e94c2ea

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:56:38 GMT
via
1.1 2abe7c09e4d4e443ea558b0b94988836.cloudfront.net (CloudFront)
last-modified
Wed, 03 Aug 2022 04:08:38 GMT
server
AmazonS3
age
80719
etag
"ce3cc474e63b7f656de18953fb710c43"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
NRT57-C3
accept-ranges
bytes
content-length
554
x-amz-cf-id
iZhNYKvWYAlxib2PljDla-1dwIl4jz295yIwN8xP6Izf4l3m0BUG1w==
batchHandler.48b67d8f5be3c2f25514.js
cdn.intergient.com/pageos/1.8.13/
3 KB
2 KB
Script
General
Full URL
https://cdn.intergient.com/pageos/1.8.13/batchHandler.48b67d8f5be3c2f25514.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:0:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48027641b9b68fc4c935af1c09f60855127855d88d6db82cbc0636c051964377

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 12:57:38 GMT
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:08:38 GMT
server
AmazonS3
age
52849
etag
W/"54fee70c6729768e1d9c151cc2f3f4cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2abe7c09e4d4e443ea558b0b94988836.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
n7rgvboXDhgxor-lOZgebKEQWXz7nE32jyOPphVw7GlknxRK19UOAg==
banner.json
config.playwire.com/1023788/v2/websites/71908/
128 KB
7 KB
XHR
General
Full URL
https://config.playwire.com/1023788/v2/websites/71908/banner.json
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b7:5800:1a:1459:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
dbb849be149a060a47a9d77df7d9631ef4e4815e6c7cc709a80f51755e248b83

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 16:42:40 GMT
via
1.1 vegur, 1.1 c137bc17e805245537f28ce3f33d7c76.cloudfront.net (CloudFront)
vary
Accept-Encoding
age
38355
x-cache
Hit from cloudfront
content-encoding
br
server
Cowboy
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
hw-country-code
cache-control
public, max-age=600
hw-country-code
JP
x-amz-cf-pop
NRT57-C4
x-amz-cf-id
kZy_nNFyyFFlqUU8PodBh-a6akmlJCJo73g4F9zMajMKscPMfEZIUw==
moatheader.js
z.moatads.com/playwireprebidheader597261727146/
218 KB
77 KB
Script
General
Full URL
https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ea5db30cea39dc8a5dbee45db96949c13c473febb15b58b1886e3dc6cb65e6f9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
gzip
last-modified
Thu, 04 Aug 2022 15:33:15 GMT
server
AmazonS3
x-amz-request-id
EH77RPB1DSN0FQBV
etag
"b0dcedd2895c1a40e86bb99fbd33a567"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=15115
accept-ranges
bytes
content-length
78006
x-amz-id-2
d9bK+wgy36clQZarfiM0SaoKjCHIAc4kyQVj6RLc9fN03qB9VwoKlHaNViNayHF4FyFSN4fLi3I=
595.6fce560e7fa7815d2879.js
cdn.intergient.com/pageos/1.8.13/
31 KB
13 KB
Script
General
Full URL
https://cdn.intergient.com/pageos/1.8.13/595.6fce560e7fa7815d2879.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:0:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14236752d996478403c4d4f42c2f7fdf0c78a6643f99e0b5c817c068924936fc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:35:45 GMT
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:08:38 GMT
server
AmazonS3
age
81972
etag
W/"1c18f36e6af43144e436dfd8647be52d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2abe7c09e4d4e443ea558b0b94988836.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
GzxDmG7MDWGzXgGxAgluAbBxY4e831u80HkBU7WfEMirKfNwwfEE2Q==
config.json
config.playwire.com/audience_segments/
63 KB
11 KB
XHR
General
Full URL
https://config.playwire.com/audience_segments/config.json
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b7:5800:1a:1459:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
dca48efa0eba135456616483c746f374a1291cdeb8b2f7e4946db4d39bcf736f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 15:41:10 GMT
via
1.1 vegur, 1.1 c137bc17e805245537f28ce3f33d7c76.cloudfront.net (CloudFront)
vary
Accept-Encoding
age
42046
x-cache
Hit from cloudfront
content-encoding
br
server
Cowboy
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
hw-country-code
cache-control
public, max-age=600
hw-country-code
JP
x-amz-cf-pop
NRT57-C4
x-amz-cf-id
2EFM5qhSpxAo7_TcxPbhkV0_J5EpgVETaO82slHW2bFDo4e9L0aTdw==
123.99f45c8adac09db92bfc.js
cdn.intergient.com/pageos/1.8.13/
3 KB
1 KB
Script
General
Full URL
https://cdn.intergient.com/pageos/1.8.13/123.99f45c8adac09db92bfc.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:0:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e165528111ab4b2fd6c3dc4966ccec9dcc6e3eb41358c2cfcce959bdc392c0dd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:35:45 GMT
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:08:38 GMT
server
AmazonS3
age
81972
etag
W/"4bb7dcfc74bf12eb67782402a995f254"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2abe7c09e4d4e443ea558b0b94988836.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
ivRTNgU-RhgBf6xPldZEAThMehzzkkocqzo6mKEsF9ihetVFTU_TQw==
tag
btloader.com/
36 KB
11 KB
Script
General
Full URL
https://btloader.com/tag?o=5150306120761344&upapi=true
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1042d9fcdd8d21693704061b4f88ae135f4c1fbfa56b44b10560d2301f43c2cd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
739e52cf1c04af67-NRT
date
Sat, 13 Aug 2022 03:21:56 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Sat, 13 Aug 2022 03:00:46 GMT
server
cloudflare
age
1120
etag
W/"0b807faafe2c36c9420a26727d0bb942"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bw%2Baeu%2F9HSBhBIyjGoaxVk9e0ZQzrTvDcSgteolw3eQJdcDFlI7GWvnN3sZwMhHSwYNXSmG%2F3wMP9NBVTgGeKXCqMJvQdcoU%2B5xX1Au7RmJBj0ZS0r1WIC6g72dMxgMW%2B4U3m1a%2ByK3Rog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
nielsen.b850d86715bcafaea630.js
cdn.intergient.com/pageos/1.8.13/
2 KB
1 KB
Script
General
Full URL
https://cdn.intergient.com/pageos/1.8.13/nielsen.b850d86715bcafaea630.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:0:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55542c02f59ac047bd7ef87d8a2981b541995a09de59a89e419292a91f241202

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 12:57:40 GMT
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:08:38 GMT
server
AmazonS3
age
67181
etag
W/"70341af160996aa15aad5fcd74fdda2a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2abe7c09e4d4e443ea558b0b94988836.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
3L46scgqVNmNbXuHFzou5J4oND-_zVevmD7wJdJwLheMI8jrzfzjHA==
sync.min.js
tags.crwdcntrl.net/lt/c/16180/
29 KB
29 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16180/sync.min.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-99.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43f12cb68a8b2b68b5e244818bdbebd8749112e10adb1a1ccd5da26b90fb10fb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 12 Aug 2022 11:12:04 GMT
via
1.1 007169704d5c4a25adb585fa1690d786.cloudfront.net (CloudFront)
last-modified
Tue, 19 Jul 2022 18:03:30 GMT
server
AmazonS3
age
77762
etag
"785b858eb4cecfac2ed334a1ef037936"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-pop
NRT57-C3
accept-ranges
bytes
content-length
29536
x-amz-cf-id
aWy_SJiWDqRcaFoh_7OTs3ivFfd5-eh655JLuRZUIXMUTIlICTkpQA==
gtm.js
www.googletagmanager.com/
116 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WKG65QB
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:812::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5b152c999ecf4c65b4249f4897857311220979abd01490a1b2ce2a1203030522
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44992
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Aug 2022 03:21:56 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.onmsft.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 19:36:35 GMT
x-content-type-options
nosniff
age
200721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Aug 2023 19:36:35 GMT
iframe.html
cdn.intergient.com/pageos/1.8.13/iframe/ Frame F3B3
497 B
815 B
Document
General
Full URL
https://cdn.intergient.com/pageos/1.8.13/iframe/iframe.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:0:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9d8d341a264fd6f00684e024893715f1162dda46fbde7748212305e4e880024

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
84949
content-length
497
content-type
text/html
date
Fri, 12 Aug 2022 03:46:08 GMT
etag
"ba25692ccce89b79b51676995ab96f20"
last-modified
Wed, 03 Aug 2022 04:08:38 GMT
server
AmazonS3
via
1.1 2abe7c09e4d4e443ea558b0b94988836.cloudfront.net (CloudFront)
x-amz-cf-id
iFZdmgUYIZK91KZmPw8eGSEMipGsDr_F5x5PKAKwNMRqRCsO0fzrXA==
x-amz-cf-pop
NRT57-C3
x-cache
Hit from cloudfront
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7da7251aae5c494815f9de13fd38220a3f22dc4262f55a1e813963cd33993b08

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.onmsft.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 17:09:40 GMT
x-content-type-options
nosniff
age
295936
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 17:09:40 GMT
fabricmdl2icons-3.54.woff
static2.sharepointonline.com/files/fabric/assets/icons/
181 KB
182 KB
Font
General
Full URL
https://static2.sharepointonline.com/files/fabric/assets/icons/fabricmdl2icons-3.54.woff
Requested by
Host: static2.sharepointonline.com
URL: https://static2.sharepointonline.com/files/fabric/office-ui-fabric-core/11.0.0/css/fabric.min.css?ver=6.0.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.10.7.242 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-7-242.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c196bd11a6ada8107e9f065486e36c8db58b03b529bf891970b9336efd8a6130

Request headers

Referer
https://static2.sharepointonline.com/files/fabric/office-ui-fabric-core/11.0.0/css/fabric.min.css?ver=6.0.1
Origin
https://www.onmsft.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 13 Aug 2022 03:21:56 GMT
last-modified
Mon, 22 Jun 2020 16:25:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D816C8E15C6039
content-type
font/woff
access-control-allow-origin
*
x-ms-request-id
fe40e685-c01e-000d-5275-8f48cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=27874385
x-ms-version
2009-09-19
content-length
185052
truncated
/
64 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
fontello.woff
www.onmsft.com/wp-content/plugins/lightweight-social-icons/fonts/
23 KB
16 KB
Font
General
Full URL
https://www.onmsft.com/wp-content/plugins/lightweight-social-icons/fonts/fontello.woff
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/wp-content/plugins/lightweight-social-icons/css/style-min.css?ver=1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b6e0cc5ce7dad5ae275d7ac33c17034f27f801270805bf8d320bab919045a2c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onmsft.com/wp-content/plugins/lightweight-social-icons/css/style-min.css?ver=1.1
Origin
https://www.onmsft.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1026
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 12 Jan 2021 01:53:41 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5ffd0125-5b20"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bBEi1vuU2A8OQV0YeTMzAXr1SIOEkF6QcJdAX3892XlPGt7QbSfJDg4TXisGTSGN45EuDK2tr7VyxXkUb8a22eNTtDM8MSxUeECjpGRTxXMyAnVoWIgcfAeRYkyypzBg"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
vary
Accept-Encoding
cf-ray
739e52cf890580e7-NRT
color-palette.jpg
ehsw47mb2ee.exactdn.com/wp-content/uploads/2022/08/
84 KB
84 KB
Image
General
Full URL
https://ehsw47mb2ee.exactdn.com/wp-content/uploads/2022/08/color-palette.jpg?strip=all&lossy=1&w=877&ssl=1
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.162.249 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-714.bunnyinfra.net
Software
BunnyCDN-SG-714 /
Resource Hash
d732c1bec467df9a8fca7668af67a75f402772cbeafb6c5734cac1891a373871
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
x-content-type-options
nosniff
cdn-edgestorageid
944
access-control-allow-origin
*
cdn-cachedat
08/12/2022 15:06:48
cdn-pullzone
369249
content-length
85610
server
BunnyCDN-SG-714
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires
Sat, 12 Aug 2023 15:04:58 GMT
last-modified
Fri, 12 Aug 2022 15:02:30 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
content-type
image/webp
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-uid
282460b1-e21e-44b6-a162-b4892cda4727
cdn-requestid
716b95c62f72fd33e3a7cf8f7f23478b
cdn-requestcountrycode
JP
link
<https://www.onmsft.com/wp-content/uploads/2022/08/color-palette.jpg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
cropped-6.jpg
ehsw47mb2ee.exactdn.com/wp-content/uploads/2022/08/
12 KB
13 KB
Image
General
Full URL
https://ehsw47mb2ee.exactdn.com/wp-content/uploads/2022/08/cropped-6.jpg?strip=all&lossy=1&w=877&ssl=1
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.162.249 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-714.bunnyinfra.net
Software
BunnyCDN-SG-714 /
Resource Hash
18a97a55ed03f23d0ca69393817772d428354596995da060498f744824f7b2be
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
x-content-type-options
nosniff
cdn-edgestorageid
868
access-control-allow-origin
*
cdn-cachedat
08/12/2022 14:01:02
cdn-pullzone
369249
content-length
12728
server
BunnyCDN-SG-714
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires
Sat, 12 Aug 2023 13:54:47 GMT
last-modified
Fri, 12 Aug 2022 13:54:46 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
content-type
image/webp
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-uid
282460b1-e21e-44b6-a162-b4892cda4727
cdn-requestid
a49c230167b314ff3d21645aca21fac7
cdn-requestcountrycode
JP
link
<https://www.onmsft.com/wp-content/uploads/2022/08/cropped-6.jpg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
outlook-email.jpg
ehsw47mb2ee.exactdn.com/wp-content/uploads/2022/08/
20 KB
21 KB
Image
General
Full URL
https://ehsw47mb2ee.exactdn.com/wp-content/uploads/2022/08/outlook-email.jpg?strip=all&lossy=1&w=877&ssl=1
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.162.249 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-714.bunnyinfra.net
Software
BunnyCDN-SG-714 /
Resource Hash
f35b72721f9a264bea2bf4dbf31f729e5f058eff5a746ee6052886caf8af321f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
x-content-type-options
nosniff
cdn-edgestorageid
858
access-control-allow-origin
*
cdn-cachedat
08/09/2022 15:04:01
cdn-pullzone
369249
content-length
20246
server
BunnyCDN-SG-714
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires
Wed, 09 Aug 2023 14:55:53 GMT
last-modified
Tue, 09 Aug 2022 14:55:52 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
content-type
image/webp
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-uid
282460b1-e21e-44b6-a162-b4892cda4727
cdn-requestid
918c36b491ebe895f425821d869717d5
cdn-requestcountrycode
JP
link
<https://www.onmsft.com/wp-content/uploads/2022/08/outlook-email.jpg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
outlook-mail.jpg
ehsw47mb2ee.exactdn.com/wp-content/uploads/2022/08/
30 KB
31 KB
Image
General
Full URL
https://ehsw47mb2ee.exactdn.com/wp-content/uploads/2022/08/outlook-mail.jpg?strip=all&lossy=1&w=877&ssl=1
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.162.249 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-714.bunnyinfra.net
Software
BunnyCDN-SG-714 /
Resource Hash
2d868787e520c2f965fa351560afe927385aaca3a80b5e8c53e3b93a477f159f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
x-content-type-options
nosniff
cdn-edgestorageid
714
access-control-allow-origin
*
cdn-cachedat
08/09/2022 15:04:01
cdn-pullzone
369249
content-length
30616
server
BunnyCDN-SG-714
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires
Wed, 09 Aug 2023 14:04:12 GMT
last-modified
Tue, 09 Aug 2022 14:04:08 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
content-type
image/webp
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-uid
282460b1-e21e-44b6-a162-b4892cda4727
cdn-requestid
56bb0147e0a4af6c524d7fd670050ff8
cdn-requestcountrycode
JP
link
<https://www.onmsft.com/wp-content/uploads/2022/08/outlook-mail.jpg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Untitled-design-2022-02-17T154223.879.jpg
ehsw47mb2ee.exactdn.com/wp-content/uploads/2022/02/
25 KB
26 KB
Image
General
Full URL
https://ehsw47mb2ee.exactdn.com/wp-content/uploads/2022/02/Untitled-design-2022-02-17T154223.879.jpg?strip=all&lossy=1&w=877&ssl=1
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.162.249 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-714.bunnyinfra.net
Software
BunnyCDN-SG-714 /
Resource Hash
6eb290ed5848560144dea3777330a6dab5bfc35f0e5ee64e87de299675f290fc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
x-content-type-options
nosniff
cdn-edgestorageid
867
access-control-allow-origin
*
cdn-cachedat
08/09/2022 16:54:59
cdn-pullzone
369249
content-length
25734
server
BunnyCDN-SG-714
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires
Wed, 09 Aug 2023 16:45:09 GMT
last-modified
Tue, 09 Aug 2022 16:41:38 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
content-type
image/webp
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-uid
282460b1-e21e-44b6-a162-b4892cda4727
cdn-requestid
df4e10902c510a84fa0b96b36dc8a356
cdn-requestcountrycode
JP
link
<https://www.onmsft.com/wp-content/uploads/2022/02/Untitled-design-2022-02-17T154223.879.jpg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
iframe.js
cdn.intergient.com/pageos/1.8.13/iframe/ Frame F3B3
16 KB
7 KB
Script
General
Full URL
https://cdn.intergient.com/pageos/1.8.13/iframe/iframe.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.8.13/iframe/iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:0:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e7a190a04d7313734e740edcf2248fc10090ef52c198889a7d274fc4cc09024

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.intergient.com/pageos/1.8.13/iframe/iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 14:37:10 GMT
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:08:38 GMT
server
AmazonS3
age
45887
etag
W/"48ffdbe10bc80dc5a9e26057bd7d264c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2abe7c09e4d4e443ea558b0b94988836.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
bwWs5Wne3lPu5-BNxdqlDCvjx81lunZ9mLk6dnbrp1ZZ9slLtj1YMw==
lazyload.min.js
www.onmsft.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/
8 KB
3 KB
Script
General
Full URL
https://www.onmsft.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 05 Aug 2022 13:54:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"62ed2110-2063"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmE70BPPzx9N36q87F3mnJYP2B36VTgEg3rxJGuFVBA415jPKO7iTQbI7w5G6Bjq8njqThn4iLXr80mO%2FYZf1lbEERirbQNjtIypJ3F0ZPQ9dQxFs130eOVqYtiR%2Fb%2FM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
739e52cfb96280e7-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
e-202232.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202232.js
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc
HIT nrt
date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
server
nginx
etag
W/"61b11a4d-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 30 Jul 2023 18:37:37 GMT
jquery.matchHeight.js
www.onmsft.com/wp-content/plugins/wp-show-posts/js/
5 KB
2 KB
Script
General
Full URL
https://www.onmsft.com/wp-content/plugins/wp-show-posts/js/jquery.matchHeight.js?ver=1.1.3
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f1b51337be99b356f1400fd895035f8022d4fa8a99b17c16a3500445fab1b73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=12197
strict-transport-security
max-age=15552000; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 12 Jan 2021 01:53:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5ffd0129-2fa5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTwjknXEuZMNmdkyNq9vCm6qPW3AtDwh4CgkX6ZCoe9WPLnURHTyJo6U6omheUJETONWfkqPXbVi1nUJ4zbn1EZWkHxlY9wh6P7LP6kZrZeNAAfHl%2F1ZprozWVqflHLQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-bgj
minify
cache-control
max-age=315360000
cf-ray
739e52cfb96680e7-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.masonry.min.js
www.onmsft.com/wp-includes/js/jquery/
2 KB
1 KB
Script
General
Full URL
https://www.onmsft.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 18 Aug 2016 18:55:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"57b604a2-71b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZ%2FNKOgH4iB0Psj9idM5HmhcS88rDqJafP6nnP5Nqob%2BxCwgbWQ8TLodS3YVSM8%2FqTj0LaJ6NDIb7gsxL9WWWrWgKUVxw1rjtzOOfoBn39sRO4hZ%2BogMXkOZ9pfLdDOv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
739e52cfb96880e7-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
masonry.min.js
www.onmsft.com/wp-includes/js/
24 KB
8 KB
Script
General
Full URL
https://www.onmsft.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 13 Jun 2020 18:53:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5ee520a7-5e4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXScXu6qVopEkOjIhEu5DsmG7fMb16WMPIkHFJIiANlbEs7d6nDErDUXDURs6mdqgfZzdPbCY7BFy5akEwEBZcwiv2Ak73UiNa6J6zZxugqkVGUOn4q6Ryj0NqZPzSxP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
739e52cfb96a80e7-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
imagesloaded.min.js
www.onmsft.com/wp-includes/js/
5 KB
2 KB
Script
General
Full URL
https://www.onmsft.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 13 Jun 2020 18:53:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5ee520a7-15fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75DnNApBETDgDwN9Pf%2BNVOrWMxsAxvf63%2B1a9i34ipIXiSXjiiem7VXYBB78cJsUfrsEbGMp0toDBr2rzStK0wtkj9rtEUmFHYlrpMwmmMb5fqZjLoza1oLdTZYbgZm7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
739e52cfb96b80e7-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
imagesloaded.pkgd.min.js
www.onmsft.com/wp-content/plugins/wp-show-posts-pro/modules/ajax-pagination/js/
5 KB
2 KB
Script
General
Full URL
https://www.onmsft.com/wp-content/plugins/wp-show-posts-pro/modules/ajax-pagination/js/imagesloaded.pkgd.min.js?ver=1.0.0
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
673d2cec1d3719e9bc6bd6a4d71abe5693f545758d19b138e511c3a2b776cbc8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 18 Jan 2021 23:50:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"60061eb4-1525"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDXDxfC5ypNBs6h420wYwn4vkmssJ%2FexU8%2Bjd6SeyvDyJN0szVYpxA06O6s1qqFCJBhA%2BV0E4H62pjD9Rrdo5TI3NaPZWYqPIfUDr0nDbsIQE20ZiARivLh0LQdM6C7H"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
739e52cfb96c80e7-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.tooltipster.min.js
www.onmsft.com/wp-content/plugins/lightweight-social-icons/js/
17 KB
5 KB
Script
General
Full URL
https://www.onmsft.com/wp-content/plugins/lightweight-social-icons/js/jquery.tooltipster.min.js?ver=1.1
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db8827df299fb574b5b1019eca3d316bec9ebefcfd279f9bd0eb591bd991abf2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 12 Jan 2021 01:53:41 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5ffd0125-4322"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUmY9uLWaNIt7AfGqtXPn2%2FI4ruzzDXPNQ61UbZU2ITXXuIAiE6Y0IxCT9RZaqEScMjtAYMOcmViBDMKJRRoYn4z%2BBD80PF9E07t%2B4edjvEoFN6VwCcWh%2BwIXySDRVPF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
739e52cfb96d80e7-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
twitter-timeline.min.js
www.onmsft.com/wp-content/plugins/jetpack/_inc/build/
265 B
758 B
Script
General
Full URL
https://www.onmsft.com/wp-content/plugins/jetpack/_inc/build/twitter-timeline.min.js?ver=4.0.0
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68002d1756ab74bbd8c95d977ff8af585ab56706e59b0524a56a9788acf8e482
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Aug 2022 16:43:57 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"62e9544d-109"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKiNPQr1GEVUzxKQSE9gHjYgVLL%2BSVraNk7c3dtk45V9Q638xzeQ04ZoKXugT0dFjPsCVoIfG874js3esIqbFqfW2fQiTmEZIW9%2FWRQD06Z91GCoguoXUidDWvkPjGWK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
739e52cfb97080e7-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
navigation-search.min.js
www.onmsft.com/wp-content/themes/generatepress/assets/js/
2 KB
1 KB
Script
General
Full URL
https://www.onmsft.com/wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.1.3
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d0c6a094ec876c2dbea780dac5655e44bc1ec2b0c9c492f8513581879c89c5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 09 Feb 2022 22:58:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6204471a-858"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyQfqRmygxAjlhWhnF4eRIZqEbRRB7i6q%2BrfvF7kP1pGXLxdslThInWXEqepSJW%2BGVxHJFiQmb%2F3bKVdNRcUKlkS8jomI7SLXk%2FiM%2BFDzCbNSF6qP9CzBk%2FIb9o%2Bgr4K"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
739e52cfb97280e7-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
menu.min.js
www.onmsft.com/wp-content/themes/generatepress/assets/js/
7 KB
2 KB
Script
General
Full URL
https://www.onmsft.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 09 Feb 2022 22:58:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6204471a-1b1c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQ0AvJuJpQXiR%2BbLB9VAqHDyJ9tUPtedaibDpzxeb7vOvBmElwfE6b4VoaRMlQuHtwlj1Jf6VwlLlxRJYVAkl6GP61morPBmtdGixq5w%2FhkZ%2FVJchJXI1ymBPs%2Fayf%2BH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
739e52cfb97380e7-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
modal.min.js
www.onmsft.com/wp-content/plugins/podcast-subscribe-buttons/assets/js/
5 KB
2 KB
Script
General
Full URL
https://www.onmsft.com/wp-content/plugins/podcast-subscribe-buttons/assets/js/modal.min.js?ver=1.0.0
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf917978118862ae1fc715ef2f5d7cf541d22cf515bc480c07324037b8bba01
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 26 May 2022 16:48:08 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"628faf48-13d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLwl%2FXDm3Lolv9WcVzpKof0bTkI8s%2FzneNB35mvYjihizuz9iIQX7kK85bkwZwn%2F3VhFs%2Fdef6peyyrT8ZyVWeZwGgks70UFxxN0f25SZt0uDa3%2Fuev%2F4firbEl1O5lv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
739e52cfb97780e7-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
smooth-scroll.min.js
www.onmsft.com/wp-content/plugins/gp-premium/general/js/
7 KB
3 KB
Script
General
Full URL
https://www.onmsft.com/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.1.2
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be764d640a7efa0022ca94a330ec3c7f38f462016f79f400d06da583be69a31e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 09 Feb 2022 22:58:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6204470c-1ae5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0flyOeUjgDt49e6vFMvATWu7DrKqTIIUCAAFskQhhqgTTCHFfDbJQ9bXx23V033bdjA4AQ5fdVpBbtRYK8ZA4YeT8yAtGY5S4Y0kIWNiYr5FVdT698hUSE63f6EgUr0z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
739e52cfb97880e7-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
lazysizes.min.js
www.onmsft.com/wp-content/plugins/ewww-image-optimizer/includes/
12 KB
5 KB
Script
General
Full URL
https://www.onmsft.com/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=670
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac8ba41f2ad11b9f60654e4550ab7a47ee85f4cb9dd50df9f362081ad5cd8a7f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 21 Jul 2022 14:28:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"62d96281-30d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FwuS0T%2BA7p2sjVXZul71CCZRA%2Bu7w9oMAZoy0ZKcyf4EgGsFohnruvU80uF6aciErCM0H0NwZsHIjybQLUUJcepnJgzV%2Bslrxkt25pOqBbALX3IH1a09y25f7GH9odY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
739e52cfb97980e7-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
offside.min.js
www.onmsft.com/wp-content/plugins/gp-premium/menu-plus/functions/js/
6 KB
3 KB
Script
General
Full URL
https://www.onmsft.com/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.1.2
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ab6ba1e7e051b464b2a5855abc359ba0f4cde98edc2335e2648bbfe5a35cf38
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 09 Feb 2022 22:58:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6204470c-1631"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOjI6wQYzlWjU0dgK8f%2F4BBJN1tOAlgAj0sa7rkQ8AClZUlxatDkNvMTTjGqfmX2cXK1tF3KrSCqxaYEkXA4kaDNh82tVLSYwja%2FjvpyHMVqWb%2BmfhiN5o6STrCTB7zO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
739e52cfb97a80e7-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
88572X1541654.skimlinks.js
s.skimresources.com/js/
56 KB
21 KB
Script
General
Full URL
https://s.skimresources.com/js/88572X1541654.skimlinks.js
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a452399141cde2bef16c744f6f3b649ab791b40c24e2f8c98a2ff7a72a8055dd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 10:48:00 GMT
server
AmazonS3
x-amz-request-id
S8HPC0QJTFA68GZB
etag
"c9d7c82364ac78cd10843f062d6c9bd4"
x-hw
1660360916.cds254.si2.hn,1660360916.cds240.si2.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
20705
x-amz-id-2
PwuxyjRAsOnkZE8tqYsCWVxEXSZwpQjmAfpI1+6WrRVmrfqva5DTwtGKKJ5VheELpizDdplq6Xs=
wpp.min.js
www.onmsft.com/wp-content/plugins/wordpress-popular-posts/assets/js/
3 KB
2 KB
Script
General
Full URL
https://www.onmsft.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.0.3
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 25 Jul 2022 13:46:03 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"62de9e9b-bd7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdUOzzMkHBHR4znA00Fu6V8hdgWxfdscKc4Cfs9vKQH4G%2FMculjeSvX5RE9dQXbH0NTjncldFj2kGusq2AgVEXZU%2B2CT856Rz63U9CoGk8i1y%2BzEHm1ktdePSDKgEKZo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
739e52cfb97b80e7-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
www.onmsft.com/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://www.onmsft.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 19 Nov 2020 09:31:13 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5fb63b61-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56FzYnTGCxdryS75eR1SBqzpkpxqOCXEQL65fqToNbmmGt7hMAYVPxaxrD4%2BGcKVhqV%2Bu%2FRFtSoHbwXmVrms3keQKnm4Lv3n%2B8PIFnSYMlMonYLnMxK4KYH08%2BuQ5dvp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
739e52cfb97c80e7-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
www.onmsft.com/wp-includes/js/jquery/
87 KB
32 KB
Script
General
Full URL
https://www.onmsft.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 21 Jul 2021 01:34:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"60f779bd-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZYySE8KQ1L%2B1SWSgv%2FwCOKpD7pm5P8zdhk8ImCS4N%2FRRYP2TrgvjIvw8WkS3fMcxtUcbtTon59Kc4nqg%2Fjcg0BFaTQEL0J%2FUVEDJWQqM2RYVjGtOGOPU2cEAmzWwys0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
739e52cfb97d80e7-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
170 KB
57 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55030cad4925387fb39b05398dc50b8d41b189b862be1ee4d576bd2c32a25cfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57450
x-xss-protection
0
server
cafe
etag
16571051700497904547
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 13 Aug 2022 03:21:56 GMT
aws-sdk-kinesis.min.js.br
cdn.intergient.com/pageos/js/libs/
227 KB
57 KB
Script
General
Full URL
https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js.br
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.8.13/batchHandler.48b67d8f5be3c2f25514.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:0:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 06:34:54 GMT
content-encoding
br
last-modified
Tue, 15 Feb 2022 19:02:54 GMT
server
AmazonS3
age
80034
etag
"575b9635960fa1d9b7ba4dafe1d2e7f5"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 2abe7c09e4d4e443ea558b0b94988836.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C3
accept-ranges
bytes
content-length
57858
x-amz-cf-id
VVwHizAXbLJqxtWqmYuYfZ8i0Nq03zGxf3GC_g5cxh_gghgr4cKcqA==
px.gif
ad-delivery.net/
43 B
1001 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Sat, 13 Aug 2022 03:21:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18582
x-guploader-uploadid
ABg5-Uw512FnJ66lUVmChlwCqJ7EPuZG-LSvVWY3CSy4PuvmP3kcPzzcE8RX0vZtLPHobprdcSCB-bo3g-0JNxRM2_k
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=th%2B86SspiCyplR2zXka6vsITHwFG560aF5ZSSkZinXi7mZSnNp7Elp7bOXUH1ruccfM0cK1L2RzA991mCyB7Db%2FKj5qECmaZKBWVYkrc5NhN%2B4SuNgkyPo9zKJlh4XBem0ulV6at%2FjhO%2FWbNmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
739e52d02c07af93-NRT
expires
Fri, 12 Aug 2022 23:12:14 GMT
favicon.ico
ad.doubleclick.net/
1 KB
664 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:02:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69547
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Aug 2022 08:02:49 GMT
px.gif
ad-delivery.net/
43 B
339 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.051990061890300865
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Sat, 13 Aug 2022 03:21:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18582
x-guploader-uploadid
ABg5-Uw512FnJ66lUVmChlwCqJ7EPuZG-LSvVWY3CSy4PuvmP3kcPzzcE8RX0vZtLPHobprdcSCB-bo3g-0JNxRM2_k
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnnLjtQD%2B9ApDY82NT%2FAns39SFotm0ZBevSPxaXaFrae9tLxmXkmjhVyWyE4p8Kf3MAJ%2F0Ba6KJeavKgec2nE0P4gCnshrHDO9c1US6l%2FcIWSGsXhWZFxklWpWRiMJzj6VBNSuhS5m3SglAHKw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
739e52d02c08af93-NRT
expires
Fri, 12 Aug 2022 23:12:14 GMT
v2
mb.moatads.com/yi/
697 B
870 B
Script
General
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ke92djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-vXpNn7leOfQ59g%3D%3D&sc=1&os=1-KA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.onmsft.com%2F&pcode=playwireprebidheader597261727146&rx=797975619708&callback=MoatNadoAllJsonpRequest_1998277
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.69.163 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-69-163.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
7adbac3400bc8764f3a61cfa10f025fd0e0ca6509a0ff61ca3ebe7ceff099406

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"a706901f013220a8c22ba6a6bb20f9f178b0ad26"
content-length
697
content-type
text/html; charset=UTF-8
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKG65QB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4619
date
Sat, 13 Aug 2022 02:04:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 13 Aug 2022 04:04:57 GMT
trendiVideo.d441aa8e3131ccfbf935.js
cdn.intergient.com/pageos/1.8.13/
16 KB
4 KB
Script
General
Full URL
https://cdn.intergient.com/pageos/1.8.13/trendiVideo.d441aa8e3131ccfbf935.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:0:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d833c06dd1b91530e21f68566ed1b70d3851904b0428ebb4244deed953a282ea

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 05:38:52 GMT
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:08:38 GMT
server
AmazonS3
age
78185
etag
W/"3959e1a8e9890ff260ec92020775cd59"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2abe7c09e4d4e443ea558b0b94988836.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
Kc3zBUy7zbtpwwQpl-SGL5NsWNJPu56CBPx0GpGwa57TPRvC6QxnBw==
tyche.js
cdn.intergi.com/hera/releases/4.5.24/
930 B
1 KB
Script
General
Full URL
https://cdn.intergi.com/hera/releases/4.5.24/tyche.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b7:5400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b908e4d447b5bbaeae858c76a305c82a162a6af717c924c6ff88bb3c78e52fcd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
NL2vnaEOs_ck8kVo7OjFhR3pVqH43TMJ
via
1.1 5df93c3c57841f503f7fe08036b1ef66.cloudfront.net (CloudFront)
last-modified
Wed, 03 Aug 2022 04:08:30 GMT
server
AmazonS3
age
36637
etag
"baa2fd5b5f8d0c866fa918117fc14b5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sat, 13 Aug 2022 00:36:05 GMT
x-amz-cf-pop
NRT57-C4
accept-ranges
bytes
content-length
930
x-amz-cf-id
FVCb0XXXW3tOXhCZGHm7-7zbMOYnYoNBHR3Z3Fm8TcGYpYzs_mkumg==
embed.js
cdn.playwire.com/bolt/js/zeus/
13 KB
4 KB
Script
General
Full URL
https://cdn.playwire.com/bolt/js/zeus/embed.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.8.13/trendiVideo.d441aa8e3131ccfbf935.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:9a00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
b6059548fd5bb34698b8aff9efe26ec5d8c52cbc13739ad8094cb4743cbaa278

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT57-C3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=600, public, must-revalidate
content-encoding
br
x-amz-cf-id
WQNnpbQSA9SYQS5BaATnxwUh6QFfwARynE7615q4QpN7S1HWMtgR3A==
pv
api.btloader.com/
0
128 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=eM1FeZOX0&w=5927477382742016&o=5150306120761344&cv=2.0.9-1-g2cac8e3&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.onmsft.com%2F&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 13 Aug 2022 03:21:56 GMT
cache-control
no-cache, no-store, must-revalidate
vary
Origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
audience_segments
fingerprinter-production.herokuapp.com/visitors/a6200afec51638ce65f45d6d4df30d02/
25 B
374 B
XHR
General
Full URL
https://fingerprinter-production.herokuapp.com/visitors/a6200afec51638ce65f45d6d4df30d02/audience_segments
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.60.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-60-216.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
6c51d463706b61b30554907747d95ff62188a36783b1a3bf949c7fbc193e79e2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 03:21:57 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Access-Control-Allow-Methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
7200
Connection
keep-alive
Content-Length
25
Access-Control-Expose-Headers
runtime.ccc28c14249ad50d1beb.js
cdn.intergi.com/hera/releases/4.5.24/
3 KB
2 KB
Script
General
Full URL
https://cdn.intergi.com/hera/releases/4.5.24/runtime.ccc28c14249ad50d1beb.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.24/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b7:5400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c6ef3410dcabe63c7d4552b657e549d87ee9a1d646814f9c3edebf1045fda19

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
52QSFK3RXNfXAPxClEupMrls8.VUtbt3
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:08:30 GMT
server
AmazonS3
age
52602
etag
W/"dcddc8e3abf70f3a478a07af06d765fd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5df93c3c57841f503f7fe08036b1ef66.cloudfront.net (CloudFront)
date
Fri, 12 Aug 2022 14:41:33 GMT
x-amz-cf-pop
NRT57-C4
x-amz-cf-id
2gCuzSWdKAAOlNrQVZTrENjwd4gwv_VzPDRwoYehBHB0t--ESr0kkQ==
npm.core-js.9ecd3933ce7c5b26ca2f.js
cdn.intergi.com/hera/releases/4.5.24/vendor/
39 KB
15 KB
Script
General
Full URL
https://cdn.intergi.com/hera/releases/4.5.24/vendor/npm.core-js.9ecd3933ce7c5b26ca2f.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.24/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b7:5400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae726193112d41052e35118aa67d5f832d40aa9e53c2594466e0ee5df73caab6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
giTGJ0b8yAXKNLUWVDWfhGq36bvekMWx
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:08:30 GMT
server
AmazonS3
age
58344
etag
W/"3f84b4e4b73d992c8c2e246edb01f88b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5df93c3c57841f503f7fe08036b1ef66.cloudfront.net (CloudFront)
date
Fri, 12 Aug 2022 11:09:32 GMT
x-amz-cf-pop
NRT57-C4
x-amz-cf-id
6WBN17L5k7J0xCnq3QVzDdwhvyPRaMqHARdnn-aoPXlNYOLLRm4BOw==
npm.lodash.39a04a8f1c96ade254ee.js
cdn.intergi.com/hera/releases/4.5.24/vendor/
3 KB
2 KB
Script
General
Full URL
https://cdn.intergi.com/hera/releases/4.5.24/vendor/npm.lodash.39a04a8f1c96ade254ee.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.24/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b7:5400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
272b9948716c2d3274e41beaf32ba844e9277382560b7f109e9486069f922104

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
849IiBqoBxHpOChKRnewy8Rvtlzb66IV
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:08:30 GMT
server
AmazonS3
age
30201
etag
W/"51add7edf2782c9ddf9380a9a5d6c529"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5df93c3c57841f503f7fe08036b1ef66.cloudfront.net (CloudFront)
date
Fri, 12 Aug 2022 18:58:35 GMT
x-amz-cf-pop
NRT57-C4
x-amz-cf-id
RcDWnL5nDD7ccBjT0IhDwE902U34IFaKty7SlOqa9P79XSs7S3EmxQ==
npm.babel.816b6b897780bce545f1.js
cdn.intergi.com/hera/releases/4.5.24/vendor/
2 KB
1 KB
Script
General
Full URL
https://cdn.intergi.com/hera/releases/4.5.24/vendor/npm.babel.816b6b897780bce545f1.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.24/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b7:5400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91fb73240f6c4d14842b31b056a2a77919b7438588c62ab880d9f4d90cbf2e0b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
4gYKWmChp44DBZXj4MN7Lq3splvNXQPj
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:08:30 GMT
server
AmazonS3
age
52604
etag
W/"4c1827dd36989b5b458ebcc0299e2c59"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5df93c3c57841f503f7fe08036b1ef66.cloudfront.net (CloudFront)
date
Fri, 12 Aug 2022 14:41:33 GMT
x-amz-cf-pop
NRT57-C4
x-amz-cf-id
nvB2KuOQ14NghU9j4x318bqoHWnoYciM54tZXLfkrJJfiPWB2rvsKQ==
npm.intersection-observer.312f6562336e9769b3ec.js
cdn.intergi.com/hera/releases/4.5.24/vendor/
9 KB
3 KB
Script
General
Full URL
https://cdn.intergi.com/hera/releases/4.5.24/vendor/npm.intersection-observer.312f6562336e9769b3ec.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.24/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b7:5400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4547a3e2e7545a504b3a1cdcc817a6219c904c94f79c3b98744a264652d3bcd3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
Q69xU0MBSe6crZNKKV4tv542IzUHE0pj
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:08:30 GMT
server
AmazonS3
age
52602
etag
W/"3fbf8b46b12b434ff5936e830c2d66be"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5df93c3c57841f503f7fe08036b1ef66.cloudfront.net (CloudFront)
date
Fri, 12 Aug 2022 14:41:33 GMT
x-amz-cf-pop
NRT57-C4
x-amz-cf-id
InwO4hy8aVRcLEz5nH4cn3GsnIdUt8OaT8HzB-sZ5csCzd2ixGuM9Q==
635.c6832658487cc1354cf2.js
cdn.intergi.com/hera/releases/4.5.24/
1 KB
1 KB
Script
General
Full URL
https://cdn.intergi.com/hera/releases/4.5.24/635.c6832658487cc1354cf2.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.24/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b7:5400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db6e9b9c4a8d198b13039b61e72982d72bfd88e5faf9069da73156e0b9674894

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
mrVrynxmWIlRPBdDFz33p26qQMOddaqC
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:08:29 GMT
server
AmazonS3
age
58344
etag
W/"e6039b016665cb6b7e1f57fea4b52ee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5df93c3c57841f503f7fe08036b1ef66.cloudfront.net (CloudFront)
date
Fri, 12 Aug 2022 11:09:32 GMT
x-amz-cf-pop
NRT57-C4
x-amz-cf-id
olQFUGQnYaaJ1Vau2Zv8jM_hV9cQbeeLCVh2NIKNZ3IcE9szT4sC4Q==
main.14086b033ed0cdbbf85b.js
cdn.intergi.com/hera/releases/4.5.24/
112 KB
32 KB
Script
General
Full URL
https://cdn.intergi.com/hera/releases/4.5.24/main.14086b033ed0cdbbf85b.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.24/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b7:5400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f5a2ee67c4a9c856cb7717e058793444950da0debebef63f1a4fbe2a483dfd05

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
ixnFi_l8RRN1GmnqFf0j8wMeeMfvkQ5d
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:08:29 GMT
server
AmazonS3
age
55918
etag
W/"2482b004aed8d4ffaa8b4ec3a698bb02"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5df93c3c57841f503f7fe08036b1ef66.cloudfront.net (CloudFront)
date
Fri, 12 Aug 2022 11:49:59 GMT
x-amz-cf-pop
NRT57-C4
x-amz-cf-id
eZ2YdM1TIg9U4FervnCbtJWLUx_hUTpNY7SHxIDJBvy0GFl9iZTIow==
lib.37dee626aab965fa63d6.js
cdn.intergi.com/hera/releases/4.5.24/lib/
168 B
552 B
Script
General
Full URL
https://cdn.intergi.com/hera/releases/4.5.24/lib/lib.37dee626aab965fa63d6.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.24/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b7:5400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc6b3654648a3c72901bc3261e6b3d758e1646a42cf0df9250e90a54a5e5f485

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
kVNT5.SBb8GYhEHGQxN8lACaMxy.9PPi
via
1.1 5df93c3c57841f503f7fe08036b1ef66.cloudfront.net (CloudFront)
last-modified
Wed, 03 Aug 2022 04:08:29 GMT
server
AmazonS3
age
52535
etag
"55207ad611091d1e6eb6c264a431a7b5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 12 Aug 2022 12:46:22 GMT
x-amz-cf-pop
NRT57-C4
accept-ranges
bytes
content-length
168
x-amz-cf-id
AAo65CoBh4uWwmTjiL2PDXi27Ro9uiX8Nk28a4gYDtUZoJslA8JFDw==
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=340891715&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onmsft.com%2F&ul=en-us&de=UTF-8&dt=Latest%20News%20-%20OnMSFT.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1878884899&gjid=103446779&cid=1533648303.1660360917&tid=UA-71939551-1&_gid=1852828179.1660360917&_r=1&gtm=2wg880WKG65QB&cd5=Kip%20Kniskern&cd7=December%2029%2C%202021&z=802556411
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.onmsft.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
83 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.24/main.14086b033ed0cdbbf85b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
sffe /
Resource Hash
3fdbff96f0ed2b4c62c87a1190d7fcae51a5dc6ce3bdc695a65e92295f05bfb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28671
x-xss-protection
0
server
sffe
etag
"1302 / 580 of 1000 / last-modified: 1660341990"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 13 Aug 2022 03:21:56 GMT
price_floor.js
config.playwire.com/websites/71908/
3 KB
2 KB
Script
General
Full URL
https://config.playwire.com/websites/71908/price_floor.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.24/main.14086b033ed0cdbbf85b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b7:5800:1a:1459:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
c7666135efe3165f59bd0ae542ad2ac795b50d154c7c476c16a97ec9a766ed81

Request headers

Referer
https://www.onmsft.com/
Origin
https://www.onmsft.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 15:52:59 GMT
via
1.1 vegur, 1.1 c137bc17e805245537f28ce3f33d7c76.cloudfront.net (CloudFront)
server
Cowboy
age
41337
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
1728000
x-cache
Hit from cloudfront
x-amz-cf-pop
NRT57-C4
content-encoding
br
x-amz-cf-id
9FXWeAC1KGGLSlikxTaUFRApF9bJx2DfPKFzvdd7i1WYhAPti-eZ8w==
access-control-expose-headers
prebid.js.br
cdn.intergi.com/prebid/
557 KB
137 KB
Script
General
Full URL
https://cdn.intergi.com/prebid/prebid.js.br
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b7:5400:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cc3f945486919b27417f1c27853a2c3dafc33661bd034ba623b2e211e6da62d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 05:59:55 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 15:11:43 GMT
server
AmazonS3
age
76922
etag
"727cf5e50ff5e32db78262382f6e1bed"
x-cache
Hit from cloudfront
x-amz-version-id
lnD5Cza9QtiyYpmktPo2r7nQCMIza6bK
via
1.1 5df93c3c57841f503f7fe08036b1ef66.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C4
accept-ranges
bytes
content-type
text/javascript
content-length
139476
x-amz-cf-id
MxA84HR3eT5TtQJLwcZEFWvNAfhhA8U0zs7Emk6rj_iR8Hh7-Lf-vQ==
7.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/
156 KB
46 KB
Script
General
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/7.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt/js/zeus/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:9a00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
098506900ec1561bdf65c49a0785a91c130616ce2c1cc886fc034a03852b7ea0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
QzKvWdbutLpZzyeKrH5c8m43bGkIRDII
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:09:59 GMT
server
AmazonS3
age
12728
etag
W/"b1527045b750ff5710d4511dcb02c2f4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
date
Fri, 12 Aug 2022 23:49:49 GMT
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
d4W4czwu8j5j2xQMAMtx2DCDs8DVdQJcMwPf2YnwI5eitp7t763z3Q==
pixel.gif
px.moatads.com/
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:21:56 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 03:21:56 GMT
apstag.js
c.amazon-adsystem.com/aax2/
159 KB
41 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.5.24/main.14086b033ed0cdbbf85b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.52.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-52-59.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15db152f386fbb66b5610a32b7b5d8662aeab674ce38a2c446cd73d2a250a92f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 13 Aug 2022 02:30:26 GMT
content-encoding
gzip
last-modified
Thu, 11 Aug 2022 19:28:16 GMT
server
AmazonS3
age
3091
etag
W/"364e5d6f95bbab2e2e1b3226cf815641"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 454c51e6774cbed81f946c64c1140bee.cloudfront.net (CloudFront), 1.1 85b47597e85277e1280d0655bac190c2.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
NRT57-C3, NRT57-C1
x-amz-cf-id
sO5Ze42dWj51h_O5ddn1unvPUnXjlSrBdKZFjIYQlQYBZ7nI_ad1cg==
483.json
id5-sync.com/g/v2/
454 B
1 KB
XHR
General
Full URL
https://id5-sync.com/g/v2/483.json
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
9e2b4b3f99d43db6b5ebc87b42deca2baf314fdd837cc08171507ea95cda0e5a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
id
id.crwdcntrl.net/
154 B
904 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.226.158 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-226-158.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2d55cbaa4441d6dd042cb1d9c16b96ca58c81b8bc806716d66c555464da6b9b4

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.onmsft.com
cache-control
no-cache
x-server
10.42.19.20
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
f
fid.agkn.com/
151 B
686 B
XHR
General
Full URL
https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fwww.onmsft.com%2F
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.189.200.142 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-189-200-142.us-west-2.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
87bcfb1be7cd2275305233c16ac8f1868b5fcc0da4fb6d00426a0b7f4eed7064

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
server
AAWebServer
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
https://www.onmsft.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/javascript;charset=iso-8859-1
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
151
expires
0
collect
stats.g.doubleclick.net/j/
1 B
438 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-71939551-1&cid=1533648303.1660360917&jid=1878884899&gjid=103446779&_gid=1852828179.1660360917&_u=YEBAAEAAAAAAAC~&z=714253190
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c00::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 13 Aug 2022 03:21:56 GMT
content-type
text/plain
access-control-allow-origin
https://www.onmsft.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pre_content.json
config.playwire.com/1023788/v2/
15 KB
2 KB
XHR
General
Full URL
https://config.playwire.com/1023788/v2/pre_content.json
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b7:5800:1a:1459:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
9103a0a45280dd1ad7ba021f14af98c1719dc3e5132956ab8ca0c74d0b9a4ae2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 16:42:41 GMT
via
1.1 vegur, 1.1 c137bc17e805245537f28ce3f33d7c76.cloudfront.net (CloudFront)
vary
Accept-Encoding
age
38354
x-cache
Hit from cloudfront
content-encoding
br
server
Cowboy
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
hw-country-code
cache-control
public, max-age=600
hw-country-code
JP
x-amz-cf-pop
NRT57-C4
x-amz-cf-id
8lOH9KSBN8j_fqUSiq4zQTAUVJCFpmnREYXWdPZgY0Rs9Y57T7cjog==
1.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/
6 KB
3 KB
Script
General
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/1.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt/js/zeus/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:9a00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14dd5bdcaf1f7582bf9104f89e77e2b31895bdb8f9dc55d669cc8136715c500f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
Rc49DydhI_Ja0JU7DiNNK6Sc_mXhni62
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:09:59 GMT
server
AmazonS3
age
10621
etag
W/"b39a3fe80b7e1a4a6a0613134f7175eb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
date
Sat, 13 Aug 2022 00:24:58 GMT
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
RZVFlIH4fNK_ipn3y6VAFwLsz4waC8_kJlZfNiNGQ_HTRu0GRcJz4g==
frame.html
cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/ Frame E3B6
1 KB
1 KB
Document
General
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/frame.html
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:9a00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14ff8eea22eb37314a5f783ccaec4f2a8f4e305a422469db822bc4331ef1b1cb

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
51806
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 12:58:31 GMT
etag
W/"fb93245bbac1fe45869486b7e97361ab"
last-modified
Wed, 03 Aug 2022 04:09:59 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
x-amz-cf-id
LsaXOViHFUv7CbWPejROxj1YOLJxyNFIR_WYKdq9onRvf1YLZ9mqsg==
x-amz-cf-pop
NRT57-C3
x-amz-version-id
yvMrOaYRcHS27XKhI6ljvJzQKi659Lg9
x-cache
Hit from cloudfront
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.52.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-52-59.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 21:46:18 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
20139
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 22:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
JXufo2ctue2uysHllG2MRpKE8F0E4.a0
via
1.1 983d7210fe21e3eb1ad56033839bd3b2.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
NRT57-C1
content-type
application/javascript
x-amz-cf-id
NICCHmCGwk_EUxYHSAy4OqE089BR7MwiRWmPGHo3Ukyq3BI5y0wAlA==
config
c.amazon-adsystem.com/cdn/prod/
248 B
606 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.onmsft.com&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.52.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-52-59.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 22:43:50 GMT
via
1.1 85b47597e85277e1280d0655bac190c2.cloudfront.net (CloudFront)
server
Server
age
16686
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
NRT57-C1
content-length
248
x-amz-cf-id
4N_XSKEACjDKFnIF1wg-_4E_oT9UrLG3GplCdMeGRLf1STFEDI7-Ng==
bid
c.amazon-adsystem.com/e/dtb/
177 B
543 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.onmsft.com%2F&pid=BPZPVF0gL418r&cb=0&ws=1600x1200&v=22.8.42053&t=1400&slots=%5B%7B%22sd%22%3A%22med_rect_atf%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F154013155%2C22522311865%2F1023788%2F71908%2F1023788-71908-medium_rectangle%22%7D%2C%7B%22sd%22%3A%22med_rect_btf%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F154013155%2C22522311865%2F1023788%2F71908%2F1023788-71908-medium_rectangle%22%7D%2C%7B%22sd%22%3A%22leaderboard_atf%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C22522311865%2F1023788%2F71908%2F1023788-71908-desktop_leaderboard%22%7D%2C%7B%22sd%22%3A%22leaderboard_btf%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C22522311865%2F1023788%2F71908%2F1023788-71908-desktop_leaderboard%22%7D%2C%7B%22sd%22%3A%22pw-160x600_atf%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F154013155%2C22522311865%2F1023788%2F71908%2F1023788-71908-160x600%22%7D%2C%7B%22sd%22%3A%22pw-160x600_btf%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F154013155%2C22522311865%2F1023788%2F71908%2F1023788-71908-160x600%22%7D%2C%7B%22sd%22%3A%22pw-oop-bottom_rail%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C22522311865%2F1023788%2F71908%2F1023788-71908-bottom_rail%22%7D%5D&schain=1.0%2C1!playwire.com%2C1023788%2C1%2C%2C%2C&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.52.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-52-59.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
ca10b88804accfc4c868a18752ce8f0a9d4156f9d6ad8858830e2a0f46ffae5e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
NRT57-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
165
via
1.1 85b47597e85277e1280d0655bac190c2.cloudfront.net (CloudFront)
x-amz-cf-id
Mn9ZFl-7OLdWORRQCZ-WH8EnNhW86cCXEPAvzQe81AIfVXBKV2lkMQ==
localstore.js
script.4dex.io/
483 B
973 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
176671
content-type
application/javascript
x-amz-request-id
tx868aa8ceaf494ff0b1336-00627a3731
x-amz-id-2
tx868aa8ceaf494ff0b1336-00627a3731
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1d3a6obiokZ52Fdd53k3VolWmvU8j%2BlO4Y6s4moGdLXsD5kW6anJUoT7VvGNroFB2GhqGi2%2BDYTWpsUqX9CvWt30nQuroxDJnjaXYdIj8adc1GgfisOWmoMs4IPVOSRTs1EUx1VI3iu7b%2FWH"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1652176652152482
cache-control
public, max-age=1800
cf-ray
739e52d27e62af61-NRT
expires
Sat, 13 Aug 2022 03:51:56 GMT
zeus_boot.efc03e3eeedd10cb747f.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/ Frame E3B6
129 KB
36 KB
Script
General
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/zeus_boot.efc03e3eeedd10cb747f.js?efc03e3eeedd10cb747f
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:9a00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3643a4cc1b9aeaf5516d7337c301f350e578a640a950b3b7d2c2b3c471a33363

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
HIU_PRDNFPPRvoB9HALMCi_TC7bhn3KO
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:09:59 GMT
server
AmazonS3
age
58125
etag
W/"5a757bc81368955d9aa35e202bd4d546"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
date
Fri, 12 Aug 2022 11:13:12 GMT
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
vt042zzXDFw5zcYIUeT1w-A47cU6m_iW3N4G8iRrcNJ8NHrFR2uxcg==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
53 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.39.13.202 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-13-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Sat, 13 Aug 2022 03:36:56 GMT
adagio.js
script.4dex.io/
72 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
394894
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx6db8e32e86ef45f499594-00629f4ca1
x-amz-id-2
tx6db8e32e86ef45f499594-00629f4ca1
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmE6fcOqD8ZCY8yI003jtSJSXo597RxsoyXSQVMlTQNOggTtQdti46jhj6%2FN48ZMWsTDNZ3BcHEYdtkr6K7ojgafISz1uAUzrJFWiSVMQw3msYPuNLyyQIF%2F8sQQq9ltU5OMtGPE62FnLW3E"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
739e52d2ade72023-NRT
access-control-allow-headers
Authorization
pubads_impl_2022081001.js
securepubads.g.doubleclick.net/gpt/
388 KB
132 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
sffe /
Resource Hash
56555ac279db2a3ed544a37b98c6ef55ff5730d865daca2af2b72bdcaf947c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 11:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
143950
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135532
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 08:38:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 11 Aug 2023 11:22:46 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
158 B
139 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.onmsft.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
cafe /
Resource Hash
472eb7426b22e996141d6a950180aee97068f2d68d75f0cb6f9627be086027e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114
x-xss-protection
0
expires
Sat, 13 Aug 2022 03:21:56 GMT
frame.1412f66f78991a3cfdbf.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/ Frame E3B6
138 KB
29 KB
Script
General
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/frame.1412f66f78991a3cfdbf.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/zeus_boot.efc03e3eeedd10cb747f.js?efc03e3eeedd10cb747f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:9a00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58898a8ad44ab5c745cf646b89ce687a2ba8d1c9c0e29d6a6afaaa26df5984bb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
UW_XEDie.ri1ESRz8SnHKyGighebbKfL
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:09:59 GMT
server
AmazonS3
age
6299
etag
W/"3dc847015140e4ce040680e6f3559512"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
date
Sat, 13 Aug 2022 01:36:58 GMT
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
7oxmcK4lfEjeohq717T2Fx07lPoMrLYp4vcXFTRpib3wnF-KOBWMTQ==
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.onmsft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.onmsft.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.onmsft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.onmsft.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.onmsft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.onmsft.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.onmsft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.onmsft.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.onmsft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.onmsft.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.onmsft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.onmsft.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.onmsft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.onmsft.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.onmsft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.onmsft.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.onmsft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.onmsft.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.onmsft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.onmsft.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.onmsft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.onmsft.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.onmsft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.onmsft.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.onmsft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.onmsft.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
imp
g2.gumgum.com/hbid/
2 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1660360916959&to=0&aun=med_rect_atf&pubcid=4d32b779-8c4b-4970-b127-677768b23296&maxw=300&maxh=600&si=28659&pi=3&bf=300x250%2C300x600&schain=1.0%2C1!playwire.com%2C1023788%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.onmsft.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.26.0%22%7D&ogu=https%3A%2F%2Fwww.onmsft.com&ns=9216
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.4.232 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-4-232.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
df78d971eaebde0f6babd2ad42d61d863a94b049fe7b498456401b95e427a309

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
2 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1660360916960&to=0&aun=med_rect_atf&pubcid=4d32b779-8c4b-4970-b127-677768b23296&maxw=300&maxh=600&si=28658&pi=3&bf=300x250%2C300x600&schain=1.0%2C1!playwire.com%2C1023788%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.onmsft.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.26.0%22%7D&ogu=https%3A%2F%2Fwww.onmsft.com&ns=9216
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.4.232 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-4-232.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aa328efddf99621233b4c619fb9fd906839798586842041eb6a4f4d42f866aa9

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
2 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1660360916960&to=0&aun=med_rect_btf&pubcid=4d32b779-8c4b-4970-b127-677768b23296&maxw=300&maxh=250&si=28658&pi=3&bf=300x250&schain=1.0%2C1!playwire.com%2C1023788%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.onmsft.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.26.0%22%7D&ogu=https%3A%2F%2Fwww.onmsft.com&ns=9216
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.4.232 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-4-232.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0a58e2165ffda0a508d961dcccf6ccd58fd7aa2149c697003d4e0a5e35e099ef

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
2 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1660360916960&to=0&aun=leaderboard_atf&pubcid=4d32b779-8c4b-4970-b127-677768b23296&maxw=970&maxh=250&si=28664&pi=3&bf=728x90%2C970x250%2C970x90&schain=1.0%2C1!playwire.com%2C1023788%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.onmsft.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.26.0%22%7D&ogu=https%3A%2F%2Fwww.onmsft.com&ns=9216
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.4.232 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-4-232.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0d1f2fe8af451309da88264f882868c77e06e78b47d07475b57bc6b485329af5

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
2 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1660360916960&to=0&aun=leaderboard_atf&pubcid=4d32b779-8c4b-4970-b127-677768b23296&maxw=970&maxh=250&si=28665&pi=3&bf=728x90%2C970x250%2C970x90&schain=1.0%2C1!playwire.com%2C1023788%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.onmsft.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.26.0%22%7D&ogu=https%3A%2F%2Fwww.onmsft.com&ns=9216
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.4.232 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-4-232.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ada0693ac4e036a3a8289f2cd4e462e8695a6cfd46652dd50a9bfa36e4d8ecd8

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
2 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1660360916960&to=0&aun=leaderboard_btf&pubcid=4d32b779-8c4b-4970-b127-677768b23296&maxw=970&maxh=250&si=28664&pi=3&bf=728x90%2C970x250%2C970x90&schain=1.0%2C1!playwire.com%2C1023788%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.onmsft.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.26.0%22%7D&ogu=https%3A%2F%2Fwww.onmsft.com&ns=9216
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.4.232 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-4-232.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3ca3974b648dcc7844ef4bd5f4915d4a8531e4deea99513275256e1db9735f43

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
2 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1660360916960&to=0&aun=leaderboard_btf&pubcid=4d32b779-8c4b-4970-b127-677768b23296&maxw=970&maxh=250&si=28665&pi=3&bf=728x90%2C970x250%2C970x90&schain=1.0%2C1!playwire.com%2C1023788%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.onmsft.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.26.0%22%7D&ogu=https%3A%2F%2Fwww.onmsft.com&ns=9216
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.4.232 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-4-232.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e79dc0233ed374ffc996d62c82599b11a0148967879d3fd490ad58c95cffdc42

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
2 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1660360916961&to=0&aun=pw-160x600_atf&pubcid=4d32b779-8c4b-4970-b127-677768b23296&maxw=160&maxh=600&si=28655&pi=3&bf=160x600&schain=1.0%2C1!playwire.com%2C1023788%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.onmsft.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.26.0%22%7D&ogu=https%3A%2F%2Fwww.onmsft.com&ns=9216
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.4.232 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-4-232.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6e745ff5914a17a92d89e65994d2ba772a0f30636c0fd022e05869acacb9e457

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
2 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1660360916961&to=0&aun=pw-160x600_btf&pubcid=4d32b779-8c4b-4970-b127-677768b23296&maxw=160&maxh=600&si=28655&pi=3&bf=160x600&schain=1.0%2C1!playwire.com%2C1023788%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.onmsft.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.26.0%22%7D&ogu=https%3A%2F%2Fwww.onmsft.com&ns=9216
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.4.232 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-4-232.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6623c61862bcf7d68e69f38145a41d686057cc51fd2e08d8acff0fd67cfb770d

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
615 B
1 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1660360916961&to=0&aun=pw-oop-bottom_rail&pubcid=4d32b779-8c4b-4970-b127-677768b23296&t=ljpjveon&pi=2&schain=1.0%2C1!playwire.com%2C1023788%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.onmsft.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.26.0%22%7D&ogu=https%3A%2F%2Fwww.onmsft.com&ns=9216
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.4.232 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-4-232.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
eec4b9c31b9210234f018c21159cabd6d8468642b36665c3945baffc5d2d4088

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:56 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
615 B
1 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1660360916961&to=0&aun=pw-oop-bottom_rail&pubcid=4d32b779-8c4b-4970-b127-677768b23296&t=ljpjveon&pi=2&schain=1.0%2C1!playwire.com%2C1023788%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.onmsft.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.26.0%22%7D&ogu=https%3A%2F%2Fwww.onmsft.com&ns=9216
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.4.232 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-4-232.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9de34c9bcb5238bd45eb99ebaacb76c12c2873f9a5416163c13644870c4a8b39

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
v1
btlr.sharethrough.com/universal/
498 B
669 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.37.224 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-37-224.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
a6a2d8b638c20a3b4d4dc2234123c92447e17c99a9e2dad4a7f75b183d0aa662

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
346
v1
btlr.sharethrough.com/universal/
646 B
721 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.37.224 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-37-224.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
270f3c5a493e510555dce5a52e5185a965bf33b9b908fddb0ecb43de842e1ee8

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
397
v1
btlr.sharethrough.com/universal/
503 B
699 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.37.224 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-37-224.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
8ba3f825efe4bc92a1f8ddeef71c79e44c7848b176d4c2ce6ef1345b357b0496

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
376
v1
btlr.sharethrough.com/universal/
621 B
757 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.37.224 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-37-224.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
16d0c2376b9d98afab8e6aa286766fa4a3044bc9b0368a0b184460882a5f1b71

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
435
v1
btlr.sharethrough.com/universal/
630 B
758 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.37.224 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-37-224.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
7512231a9d9ab287eb3c968c866695248076563e2f55381eead1157fb6e9e0b8

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
435
v1
btlr.sharethrough.com/universal/
400 B
570 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.37.224 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-37-224.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
969072ee38f15a97dc007aab6bc5e08a03982f3ada686a49ce998d4c461e1442

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
247
v1
btlr.sharethrough.com/universal/
518 B
659 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.37.224 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-37-224.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
b8e20f76b797af996aa186867eaea379bf0eaaaabcde1c9850cfa35c964d0c58

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
336
v1
btlr.sharethrough.com/universal/
593 B
595 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.37.224 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-37-224.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
01494dc4d06bd2098f0902a853960fd3aea01b45b9dbb52e2b3663a4780ddf82

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
272
v1
btlr.sharethrough.com/universal/
452 B
643 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.37.224 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-37-224.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
501ba19100fdf08aeb3c7e7627c48e8583e9b4b6c65da5fb47447667c0787d9d

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
320
v1
btlr.sharethrough.com/universal/
625 B
671 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.37.224 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-37-224.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
eee8208afbf69fcee2d82898e6e915d880fa6fdaa91de9a07a8077fd6d647fde

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
349
prebid
ib.adnxs.com/ut/v3/
70 B
763 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0492c58920da5279659a2c58bf1b6b68cddf1d78ca4fd87aab42155fb93b7ea3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:21:57 GMT
X-Proxy-Origin
217.138.252.170; 217.138.252.170; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
69b7d827-47cf-4e25-bc66-64a126bc5715
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.onmsft.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
70
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
447 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=15&alt_size_ids=10&p_pos=atf&rp_schain=1.0,1!playwire.com,1023788,1,,,&eid_pubcid.org=4d32b779-8c4b-4970-b127-677768b23296%5E1&rf=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.ref=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.page=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.domain=onmsft.com&tg_i.cat=IAB681%2CIAB19%2CIAB596&tg_i.sectioncat=IAB681%2CIAB19%2CIAB596&tg_i.pagecat=IAB681%2CIAB19%2CIAB596&tk_flint=pbjs_lite_v6.26.0&x_source.tid=3be2e5ab-f0e3-471c-991a-36ee02e49086&l_pb_bid_id=367c58c430fe6b9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.20853438935140756
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b40836a3a2088d5f6a11c40da9b31cda348347621ff2c9fcd014d779d2eef2e3

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:21:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.onmsft.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
447
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
447 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=15&alt_size_ids=10&p_pos=atf&rp_schain=1.0,1!playwire.com,1023788,1,,,&eid_pubcid.org=4d32b779-8c4b-4970-b127-677768b23296%5E1&rf=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.ref=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.page=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.domain=onmsft.com&tg_i.cat=IAB681%2CIAB19%2CIAB596&tg_i.sectioncat=IAB681%2CIAB19%2CIAB596&tg_i.pagecat=IAB681%2CIAB19%2CIAB596&tk_flint=pbjs_lite_v6.26.0&x_source.tid=3be2e5ab-f0e3-471c-991a-36ee02e49086&l_pb_bid_id=37d010433d00a07&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7579122123270732
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8847ecf1f8fc53df23a2f687ae7a52071994d21ebd9fd35d031e62f3d752fc56

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:21:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.onmsft.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
447
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
427 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=15&rp_schain=1.0,1!playwire.com,1023788,1,,,&eid_pubcid.org=4d32b779-8c4b-4970-b127-677768b23296%5E1&rf=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.ref=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.page=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.domain=onmsft.com&tg_i.cat=IAB681%2CIAB19%2CIAB596&tg_i.sectioncat=IAB681%2CIAB19%2CIAB596&tg_i.pagecat=IAB681%2CIAB19%2CIAB596&tk_flint=pbjs_lite_v6.26.0&x_source.tid=3737ca9f-a0e6-4e38-8679-666047aadbfd&l_pb_bid_id=385bbf3befefd5e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.45756751405011253
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7e05127f49e55f7469df58a453cc9910d3c8f879380ed78dc267b3c6e2f6e17f

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:21:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.onmsft.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
427
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
449 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rp_schain=1.0,1!playwire.com,1023788,1,,,&eid_pubcid.org=4d32b779-8c4b-4970-b127-677768b23296%5E1&rf=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.ref=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.page=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.domain=onmsft.com&tg_i.cat=IAB681%2CIAB19%2CIAB596&tg_i.sectioncat=IAB681%2CIAB19%2CIAB596&tg_i.pagecat=IAB681%2CIAB19%2CIAB596&tk_flint=pbjs_lite_v6.26.0&x_source.tid=2f84ddb7-d1e1-449d-a641-a0b0fc69d9b1&l_pb_bid_id=39a82c644706b2a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.18766564465327473
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
da483c4cbaf0c9f37859e03b8a4c84155c797ee4b17d88d8d31b744c88c5811e

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:21:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.onmsft.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
449
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
449 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rp_schain=1.0,1!playwire.com,1023788,1,,,&eid_pubcid.org=4d32b779-8c4b-4970-b127-677768b23296%5E1&rf=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.ref=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.page=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.domain=onmsft.com&tg_i.cat=IAB681%2CIAB19%2CIAB596&tg_i.sectioncat=IAB681%2CIAB19%2CIAB596&tg_i.pagecat=IAB681%2CIAB19%2CIAB596&tk_flint=pbjs_lite_v6.26.0&x_source.tid=2f84ddb7-d1e1-449d-a641-a0b0fc69d9b1&l_pb_bid_id=402f020bb9225be&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.27277147816044023
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d772805c0a62a7f1e6c7d3c531e584a61ae23a9d3cef28857f8a089593df768f

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:21:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.onmsft.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
449
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
449 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rp_schain=1.0,1!playwire.com,1023788,1,,,&eid_pubcid.org=4d32b779-8c4b-4970-b127-677768b23296%5E1&rf=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.ref=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.page=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.domain=onmsft.com&tg_i.cat=IAB681%2CIAB19%2CIAB596&tg_i.sectioncat=IAB681%2CIAB19%2CIAB596&tg_i.pagecat=IAB681%2CIAB19%2CIAB596&tk_flint=pbjs_lite_v6.26.0&x_source.tid=2f84ddb7-d1e1-449d-a641-a0b0fc69d9b1&l_pb_bid_id=4100eb810f8b5ad&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9073930880028191
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a913d0114398b45dbb50dae69a73921fe1f019f6ab4ced17ab24b4bfeef9ce23

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:21:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.onmsft.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
449
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
449 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!playwire.com,1023788,1,,,&eid_pubcid.org=4d32b779-8c4b-4970-b127-677768b23296%5E1&rf=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.ref=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.page=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.domain=onmsft.com&tg_i.cat=IAB681%2CIAB19%2CIAB596&tg_i.sectioncat=IAB681%2CIAB19%2CIAB596&tg_i.pagecat=IAB681%2CIAB19%2CIAB596&tk_flint=pbjs_lite_v6.26.0&x_source.tid=2d306a35-d537-46a3-a781-f60fdfe714b1&l_pb_bid_id=429a02bd6bd6405&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1489703877040105
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4c640526e3973d2bc2204438063ab5c3144f92858bfd69c462f8e6b5f80fb1bb

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:21:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.onmsft.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
449
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
449 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!playwire.com,1023788,1,,,&eid_pubcid.org=4d32b779-8c4b-4970-b127-677768b23296%5E1&rf=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.ref=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.page=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.domain=onmsft.com&tg_i.cat=IAB681%2CIAB19%2CIAB596&tg_i.sectioncat=IAB681%2CIAB19%2CIAB596&tg_i.pagecat=IAB681%2CIAB19%2CIAB596&tk_flint=pbjs_lite_v6.26.0&x_source.tid=2d306a35-d537-46a3-a781-f60fdfe714b1&l_pb_bid_id=43b9ba6646a62ee&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7379175957763118
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6b5ec146ea3c6f8b057bb86634ae29c337d15653ef53097085e4382891af9145

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:21:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.onmsft.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
449
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
449 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!playwire.com,1023788,1,,,&eid_pubcid.org=4d32b779-8c4b-4970-b127-677768b23296%5E1&rf=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.ref=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.page=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.domain=onmsft.com&tg_i.cat=IAB681%2CIAB19%2CIAB596&tg_i.sectioncat=IAB681%2CIAB19%2CIAB596&tg_i.pagecat=IAB681%2CIAB19%2CIAB596&tk_flint=pbjs_lite_v6.26.0&x_source.tid=2d306a35-d537-46a3-a781-f60fdfe714b1&l_pb_bid_id=446bb8469001189&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.06331772124233392
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6e4c171e85027a1253cd490c8253cfae062071082075e12bd489fc256d0da317

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:21:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.onmsft.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
449
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
426 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=9&p_pos=atf&rp_schain=1.0,1!playwire.com,1023788,1,,,&eid_pubcid.org=4d32b779-8c4b-4970-b127-677768b23296%5E1&rf=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.ref=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.page=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.domain=onmsft.com&tg_i.cat=IAB681%2CIAB19%2CIAB596&tg_i.sectioncat=IAB681%2CIAB19%2CIAB596&tg_i.pagecat=IAB681%2CIAB19%2CIAB596&tk_flint=pbjs_lite_v6.26.0&x_source.tid=e2cc6827-670a-4dcb-bd6f-9d67546a0490&l_pb_bid_id=456fd0697ba4416&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.045263964354495645
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9ebe99935e5c5f37946418e84d540c1eb2b2fcc49830835f09e65b7d39f97baf

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:21:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.onmsft.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
426
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
426 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=110932&zone_id=523774&size_id=9&rp_schain=1.0,1!playwire.com,1023788,1,,,&eid_pubcid.org=4d32b779-8c4b-4970-b127-677768b23296%5E1&rf=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.ref=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.page=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.domain=onmsft.com&tg_i.cat=IAB681%2CIAB19%2CIAB596&tg_i.sectioncat=IAB681%2CIAB19%2CIAB596&tg_i.pagecat=IAB681%2CIAB19%2CIAB596&tk_flint=pbjs_lite_v6.26.0&x_source.tid=474fbd5f-4ac3-4282-8aa2-0b51a0c8dd13&l_pb_bid_id=4685dc3d0368218&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.48957841422625314
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7001265dd17f73edcccbb18699d5a0ea7ee24766e48686d21221069f9d427cf0

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:21:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.onmsft.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
426
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
447 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=365336&zone_id=2122004&size_id=2&alt_size_ids=55&rp_schain=1.0,1!playwire.com,1023788,1,,,&eid_pubcid.org=4d32b779-8c4b-4970-b127-677768b23296%5E1&rf=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.ref=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.page=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.domain=onmsft.com&tg_i.cat=IAB681%2CIAB19%2CIAB596&tg_i.sectioncat=IAB681%2CIAB19%2CIAB596&tg_i.pagecat=IAB681%2CIAB19%2CIAB596&tk_flint=pbjs_lite_v6.26.0&x_source.tid=717444c4-1ef7-4a56-96e7-6effbdc957cb&l_pb_bid_id=4758644164d0c07&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.36135472835107874
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5c6716a6bc8a4993527ff8d48debed70224dd16f17225f56a162b1cc86d04c80

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:21:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.onmsft.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
447
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
447 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12556&site_id=365336&zone_id=2122004&size_id=2&alt_size_ids=55&rp_schain=1.0,1!playwire.com,1023788,1,,,&eid_pubcid.org=4d32b779-8c4b-4970-b127-677768b23296%5E1&rf=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.ref=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.page=https%3A%2F%2Fwww.onmsft.com%2F&tg_i.domain=onmsft.com&tg_i.cat=IAB681%2CIAB19%2CIAB596&tg_i.sectioncat=IAB681%2CIAB19%2CIAB596&tg_i.pagecat=IAB681%2CIAB19%2CIAB596&tk_flint=pbjs_lite_v6.26.0&x_source.tid=717444c4-1ef7-4a56-96e7-6effbdc957cb&l_pb_bid_id=48561fc1174fa77&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5120065970230678
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1515b0fa9ab52a444a0277807554c4826f5319cc75dc70ea8142bcbad6ca1dd4

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:21:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.onmsft.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
447
Expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/
1 KB
3 KB
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2250f85ba54e1fa3f%22%3A%2273e8efe947582f2bfc75%7C300x250%2C300x600%7Cgpid%3D73e8efe947582f2bfc75%22%2C%2251c2f44267c80b2%22%3A%2273e8efe947582f2bfc75%7C300x250%7Cgpid%3D73e8efe947582f2bfc75%22%2C%2252de0675c9531f%22%3A%2273e8efe947582f2bfc75%7C300x250%7Cgpid%3D73e8efe947582f2bfc75%22%2C%2253bb88054ef4795%22%3A%2273e8efe947582f2bfc75%7C728x90%2C970x250%2C970x90%7Cgpid%3D73e8efe947582f2bfc75%22%2C%22545e426a7798503%22%3A%2273e8efe947582f2bfc75%7C728x90%2C970x250%2C970x90%7Cgpid%3D73e8efe947582f2bfc75%22%2C%2255828776ce9ad6%22%3A%2273e8efe947582f2bfc75%7C728x90%2C970x250%2C970x90%7Cgpid%3D73e8efe947582f2bfc75%22%2C%225620af61f8d426%22%3A%2273e8efe947582f2bfc75%7C728x90%2C970x250%2C970x90%7Cgpid%3D73e8efe947582f2bfc75%22%2C%2257e312d882753d5%22%3A%2273e8efe947582f2bfc75%7C728x90%2C970x250%2C970x90%7Cgpid%3D73e8efe947582f2bfc75%22%2C%2258411ca90542e33%22%3A%2273e8efe947582f2bfc75%7C728x90%2C970x250%2C970x90%7Cgpid%3D73e8efe947582f2bfc75%22%2C%2259ee81fe991fbc1%22%3A%2273e8efe947582f2bfc75%7C160x600%7Cgpid%3D73e8efe947582f2bfc75%22%2C%2260954aca75af943%22%3A%2273e8efe947582f2bfc75%7C160x600%7Cgpid%3D73e8efe947582f2bfc75%22%2C%2261ccb58f6efd0c8%22%3A%2265e3bee9061a36df3297%7C728x90%2C970x90%7Cgpid%3D65e3bee9061a36df3297%22%2C%226292b3e19699108%22%3A%2265e3bee9061a36df3297%7C728x90%2C970x90%7Cgpid%3D65e3bee9061a36df3297%22%7D&ref=https%3A%2F%2Fwww.onmsft.com%2F&s=c5c5bda0-a31e-4317-aace-e426a302ebce&pv=df45705a-6057-415c-aa27-0a777bda7356&vp=desktop&lib_name=prebid&lib_v=6.26.0&us=8&fpd=%7B%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%2C%22domain%22%3A%22onmsft.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22onmsft.com%22%7D%2C%22cat%22%3A%5B%22IAB681%22%2C%22IAB19%22%2C%22IAB596%22%5D%2C%22sectioncat%22%3A%5B%22IAB681%22%2C%22IAB19%22%2C%22IAB596%22%5D%2C%22pagecat%22%3A%5B%22IAB681%22%2C%22IAB19%22%2C%22IAB596%22%5D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%7D&ius=0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22playwire.com%22%2C%22sid%22%3A%221023788%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%224d32b779-8c4b-4970-b127-677768b23296%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224d32b779-8c4b-4970-b127-677768b23296%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.78 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
d8dd5218354a9990e99238f5d21e93ecfd6f2c27e3b4c9d84cdc0e53100cd80f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:21:57 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-50
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.onmsft.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
771
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
mp.4dex.io/
3 KB
2 KB
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
003d8f11dd32d4a4382088ab6e28722a616f0406c0b34175b7628b40141c7d88

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-warn
Validating the Prebid Request adunits. Duplicate adUnitCode: med_rect_atf, Validating the Prebid Request adunits. Duplicate adUnitCode: leaderboard_atf, Validating the Prebid Request adunits. Duplicate adUnitCode: leaderboard_atf, Validating the Prebid Request adunits. Duplicate adUnitCode: leaderboard_btf, Validating the Prebid Request adunits. Duplicate adUnitCode: leaderboard_btf, Validating the Prebid Request adunits. Duplicate adUnitCode: pw-oop-bottom_rail, Process Shapings. Seat shared_pubmatic: No adunits with mapping rule and shaping, Process Shapings. Seat shared_onetag: No adunits with mapping rule and shaping, Process Shapings. Seat shared_rubicon: No adunits with mapping rule and shaping
access-control-allow-origin
https://www.onmsft.com
content-length
830
x-err
Shapings: no adunits with size and seat and mapping
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 google
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
739e52d33ab380cf-NRT
expires
0
cygnus
htlb.casalemedia.com/
37 B
639 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=233837&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2277e2e4d689ab6bb%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%2C%22domain%22%3A%22onmsft.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22onmsft.com%22%7D%2C%22cat%22%3A%5B%22IAB681%22%2C%22IAB19%22%2C%22IAB596%22%5D%2C%22sectioncat%22%3A%5B%22IAB681%22%2C%22IAB19%22%2C%22IAB596%22%5D%2C%22pagecat%22%3A%5B%22IAB681%22%2C%22IAB19%22%2C%22IAB596%22%5D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A7%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A7%2C%22ren%22%3Afalse%2C%22version%22%3A%226.26.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2278c31f7f5a4ff5e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22233837%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22233838%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%228030a7d098a9429%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22233838%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2281967cb7fd6be02%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22233837%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22233839%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22233837%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2283ee29874340df6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22233837%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22233839%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22233837%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%228548c540fa8d612%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22233836%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2286b047944651e18%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22233836%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2287cccaee68908d7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22633329%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22633329%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22playwire.com%22%2C%22sid%22%3A%221023788%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224d32b779-8c4b-4970-b127-677768b23296%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf8edd693ebd06102e8208c3b6e4e43bf5f87bd3b1058683a14a3b2a619ee1e0

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjrQVoe9KvbIjTSDBydCn5jaxho1gkRXuAhB6iccvuG%2BSTWrBYzz3uv73JkivL%2B7zGtXE6M6eFFrsaGYwL3qcDOkCEMIQDVA2%2BVP7H%2FqKQSt9O5BQaM7HQrSevYj5Rc6hVf41cah"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.onmsft.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
739e52d33df8352f-NRT
expires
0
auction
tlx.3lift.com/header/
19 B
506 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.26.0&referrer=https%3A%2F%2Fwww.onmsft.com%2F&tmax=1400
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.169.230 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-169-230.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
accept-ch
sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.onmsft.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
261 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d001707040140144d290c90040&pos=ron_desktop_hb_300x600&cmd=bid&secure=1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1f4e8e8e9dd642595352e7448a97be35c5ceef7a822d860f4ded81fad1601c25

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
261 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d001707040140144d290c90040&pos=ron_desktop_hb_300x250&cmd=bid&secure=1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
fde6230166bb9742f67744cf8dfde61f256f7c15805c6e06dd8df354418c94ef

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
261 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d001707040140144d290c90040&pos=ron_desktop_hb_300x250&cmd=bid&secure=1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
7430b360ad4cdf6e8c8cbfd564b8c90d6c80ed5ae47e3cac995aca2a094db3c5

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
261 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d001707040140144d290c90040&pos=ron_desktop_hb_970x250&cmd=bid&secure=1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
190d15181a65896f4128f07f66e605219ef2cb37bdff75c66858d09e27ec7c0a

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
261 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d001707040140144d290c90040&pos=ron_desktop_hb_728x90&cmd=bid&secure=1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d61766b752bfa60be20796a75e87e0705f60300c04e30ff0e3a772008cabcfdd

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
262 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d001707040140144d290c90040&pos=8a9694be017777cf7c45d4bcc34200c2&cmd=bid&secure=1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
baf30b1a55b7b7e6b7eafa77ea37b51a069b31834e0e9e79a8ff48ee9cd5b9d8

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
261 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d001707040140144d290c90040&pos=ron_desktop_hb_970x250&cmd=bid&secure=1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d20823732451c6d2e72478d8f4b1e40c9eb9e175012751154ec2b405812de3d3

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
459 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d001707040140144d290c90040&pos=ron_desktop_hb_728x90&cmd=bid&secure=1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5eb6a3b656fa6c4f08802dcd64b9a04840ca00bc1837339e4e921d41a8316ee3

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
261 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d001707040140144d290c90040&pos=8a9694be017777cf7c45d4bcc34200c2&cmd=bid&secure=1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
eeaa7d9c669b82fe425ebf5f3d693356a231c5832fd11d23793d694127e418b8

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
261 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d001707040140144d290c90040&pos=ron_desktop_hb_160x600&cmd=bid&secure=1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ed913ed5e633a3adc79090e837d9cf3a5978141527db870d1ba4f4d40298c401

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
261 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d001707040140144d290c90040&pos=ron_desktop_hb_160x600&cmd=bid&secure=1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
279a3b8e568cfa2fd3a4e1da7d2ae2fe8e1ec6b9359020de3ca1e45c34d03e4c

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
261 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695cd017777d4f2c4d5cd7d55003d&pos=8a9695cd017777d4f2c4d5d19f9f0046&cmd=bid&secure=1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ecfa9fd979ff6f9b0fce584e95964c8da41e664430e78653a9c20c0dc6852f82

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
261 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695cd017777d4f2c4d5cd7d55003d&pos=8a9695e0017a7aa5b117a5df15750069&cmd=bid&secure=1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
0e4c28058a5510a2144053fa72d52cb3107304b669f29ef1d602c136c19fcb02

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
62
arj
playwire-d.openx.net/w/1.0/
174 B
591 B
XHR
General
Full URL
https://playwire-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.onmsft.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3be2e5ab-f0e3-471c-991a-36ee02e49086%2C3be2e5ab-f0e3-471c-991a-36ee02e49086%2C3737ca9f-a0e6-4e38-8679-666047aadbfd%2C2f84ddb7-d1e1-449d-a641-a0b0fc69d9b1%2C2f84ddb7-d1e1-449d-a641-a0b0fc69d9b1%2C2f84ddb7-d1e1-449d-a641-a0b0fc69d9b1%2C2d306a35-d537-46a3-a781-f60fdfe714b1%2C2d306a35-d537-46a3-a781-f60fdfe714b1%2C2d306a35-d537-46a3-a781-f60fdfe714b1%2Ce2cc6827-670a-4dcb-bd6f-9d67546a0490%2C474fbd5f-4ac3-4282-8aa2-0b51a0c8dd13%2C717444c4-1ef7-4a56-96e7-6effbdc957cb%2C717444c4-1ef7-4a56-96e7-6effbdc957cb&nocache=1660360916993&pubcid=e370000a-1856-4838-adbf-a65463269849&schain=1.0%2C1!playwire.com%2C1023788%2C1%2C%2C%2C&aus=300x250%2C300x600%7C300x250%2C300x600%7C300x250%7C728x90%2C970x250%2C970x90%7C728x90%2C970x250%2C970x90%7C728x90%2C970x250%2C970x90%7C728x90%2C970x250%2C970x90%7C728x90%2C970x250%2C970x90%7C728x90%2C970x250%2C970x90%7C160x600%7C160x600%7C728x90%2C970x90%7C728x90%2C970x90&divids=med_rect_atf%2Cmed_rect_atf%2Cmed_rect_btf%2Cleaderboard_atf%2Cleaderboard_atf%2Cleaderboard_atf%2Cleaderboard_btf%2Cleaderboard_btf%2Cleaderboard_btf%2Cpw-160x600_atf%2Cpw-160x600_btf%2Cpw-oop-bottom_rail%2Cpw-oop-bottom_rail&aucs=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&auid=544004823%2C544004823%2C544004823%2C544004825%2C544004825%2C544004825%2C544004825%2C544004825%2C544004825%2C544004823%2C544004823%2C545614213%2C545614213
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ddbc3d830f10f69c16dccc4ba005b2698ecf924d5ed1a95b416b80184dd2fd23

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.onmsft.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
adreq
ads.servenobid.com/
1 KB
717 B
XHR
General
Full URL
https://ads.servenobid.com/adreq?cb=8028
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.189.212.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-189-212-84.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
edc15b355249a234fec7051af9440c1a87774813046d6ebf963487a7838f1405

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.onmsft.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/
66 B
268 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
2c2abb65f7f0f9d1871cced3564c4c8660872892653c6a24f1b6c1f167502cb8

Request headers

Referer
https://www.onmsft.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
265 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
cc5b0f7a3c6ec50f70fa4c7061aefeb96ffefc382e59b30e7d18ab8fc62ce798

Request headers

Referer
https://www.onmsft.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
265 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
197329b361b83619e0eb18136d507998183d4eabd784373a12f5a2a94e9ba95c

Request headers

Referer
https://www.onmsft.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
265 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
fd4c40c64ea88b3dcdc5202d9f06a6ceccf57335a398fefaaba1df64ee3c4cd1

Request headers

Referer
https://www.onmsft.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
97 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6313b7d51e6e269465f5c169ecfc1f0c367988cf435547cf8c6f8639efc04220

Request headers

Referer
https://www.onmsft.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
97 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
af56e49e0d626918cc0eea69a645e1b3eacbe86936d330ec2da806f73a825919

Request headers

Referer
https://www.onmsft.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
265 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f6d55b254bc12ad6afa55c0466de3023759656fce2ecf1a189b9cbadeca893d9

Request headers

Referer
https://www.onmsft.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
265 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
dd49c7694914089a80ce064c2c6c367db928ea2c0a35981795f06aec838f1dbb

Request headers

Referer
https://www.onmsft.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
265 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ea49fe551c37a67e987abd9a52c1f6db19c42c8d9ab34fe00822322a5b7de9f3

Request headers

Referer
https://www.onmsft.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
266 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
0fbbb8c9e6bd1f8b3b79fc39813ffb6b5ab0c6fdb096ed3fa0fb0fd4e4db3534

Request headers

Referer
https://www.onmsft.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
263 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b21c87323b3661bcf4e78ef7ed190a4ef1e211f3b1bb35b65d2c5690ebce3e1b

Request headers

Referer
https://www.onmsft.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
264 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
99929d862b4e1938dc5ae8817951f2b889ffe64c760a240bbf5ea15d93bdaa25

Request headers

Referer
https://www.onmsft.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
97 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c3025dfeba6943de206069f749655ec568ada58e2588cae7c168f8239c744b72

Request headers

Referer
https://www.onmsft.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
66
prebid
ib.adnxs.com/ut/v3/
2 KB
2 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a4e5b0e649caf66d348770967cc6081f8e925c3c5389069f50be26c4f0c25d45
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Aug 2022 03:21:57 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.252.170; 217.138.252.170; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2b1dc5b2-6ebc-4b81-a56e-a3584c74bdc9
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.onmsft.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
115 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.onmsft.com
date
Sat, 13 Aug 2022 03:21:56 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/
1 KB
941 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIBM874
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9c97a4f61de85e396b32c95c8933ac7da06e1781dad1bbf98cd3db024b4a03a8

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
138
alt-svc
clear
via
1.1 google
hbjson
grid.bidswitch.net/
25 B
366 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b0e034928e78d96110fc2d22b3b838283b4767f5db445357ae37c00a108689fa

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Aug 2022 03:21:57 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.onmsft.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
hb
ssc.33across.com/api/v1/
0
0

hb
ssc.33across.com/api/v1/
0
0

hb
ssc.33across.com/api/v1/
0
0

hb
ssc.33across.com/api/v1/
0
0

hb
ssc.33across.com/api/v1/
0
0

hb
ssc.33across.com/api/v1/
0
0

hb
ssc.33across.com/api/v1/
0
0

hb
ssc.33across.com/api/v1/
0
0

hb
ssc.33across.com/api/v1/
0
0

hb
ssc.33across.com/api/v1/
0
0

hb
ssc.33across.com/api/v1/
0
0

hb
ssc.33across.com/api/v1/
0
0

hb
ssc.33across.com/api/v1/
0
0

prebid
ads.yieldmo.com/exchange/
0
224 B
XHR
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=6.26.0&p=%5B%7B%22placement_id%22%3A%22med_rect_atf%22%2C%22callback_id%22%3A%2222694bb273cd806e%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222797916852649402707%22%7D%2C%7B%22placement_id%22%3A%22med_rect_atf%22%2C%22callback_id%22%3A%22227c66529eee62a4%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222797916852649402707%22%7D%2C%7B%22placement_id%22%3A%22med_rect_btf%22%2C%22callback_id%22%3A%22228b4d037cc1c208%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222797916852649402707%22%7D%2C%7B%22placement_id%22%3A%22leaderboard_atf%22%2C%22callback_id%22%3A%22229bc1db19d512d9%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C250%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222797916852649402707%22%7D%2C%7B%22placement_id%22%3A%22leaderboard_atf%22%2C%22callback_id%22%3A%222304862b4815e6d3%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C250%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222797916852649402707%22%7D%2C%7B%22placement_id%22%3A%22leaderboard_atf%22%2C%22callback_id%22%3A%22231395cc59a47755%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C250%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222797916852649402707%22%7D%2C%7B%22placement_id%22%3A%22leaderboard_btf%22%2C%22callback_id%22%3A%22232b9efff91a36c3%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C250%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222797916852649402707%22%7D%2C%7B%22placement_id%22%3A%22leaderboard_btf%22%2C%22callback_id%22%3A%222339bf0563686589%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C250%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222797916852649402707%22%7D%2C%7B%22placement_id%22%3A%22leaderboard_btf%22%2C%22callback_id%22%3A%22234ee6f0b98e1662%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C250%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222797916852649402707%22%7D%2C%7B%22placement_id%22%3A%22pw-160x600_atf%22%2C%22callback_id%22%3A%2223586fc8fe6c7d17%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222797916852649402707%22%7D%2C%7B%22placement_id%22%3A%22pw-160x600_btf%22%2C%22callback_id%22%3A%2223680dabfd0921f8%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222797916852649402707%22%7D%2C%7B%22placement_id%22%3A%22pw-oop-bottom_rail%22%2C%22callback_id%22%3A%222376be382db8b63b%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222792942507023867941%22%7D%2C%7B%22placement_id%22%3A%22pw-oop-bottom_rail%22%2C%22callback_id%22%3A%222382489659f605a2%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222792942507023867941%22%7D%5D&page_url=https%3A%2F%2Fwww.onmsft.com%2F&bust=1660360917016&dnt=false&description=OnMSFT.com%20-%20Your%20home%20for%20Microsoft-centric%20news%20and%20information&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Latest%20News%20-%20OnMSFT.com&w=1600&h=1200&pubcid=4d32b779-8c4b-4970-b127-677768b23296&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22playwire.com%22%2C%22sid%22%3A%221023788%22%2C%22hp%22%3A1%2C%22rid%22%3A%22b3365762-3072-4051-9825-faab4b4e58f7%22%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224d32b779-8c4b-4970-b127-677768b23296%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.200.167 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-200-167.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.onmsft.com
pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
mvo
tag.1rx.io/rmp/213696/0/
0
162 B
XHR
General
Full URL
https://tag.1rx.io/rmp/213696/0/mvo?z=1r&hbv=6.26,2.1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.42 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.onmsft.com
pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
ROS
pbjs.e-planning.net/hb/1/2eb02/1/www.onmsft.com/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2eb02/1/www.onmsft.com/ROS?rnd=0.7677932252904065&e=300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2B728x90_0%3A728x90%2C970x...
  • https://pbjs.e-planning.net/hb/1/2eb02/1/www.onmsft.com/ROS?ct=1&r=pbjs&rnd=0.7677932252904065&e=300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2B728x90_0%3A728...
477 B
891 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/2eb02/1/www.onmsft.com/ROS?ct=1&r=pbjs&rnd=0.7677932252904065&e=300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2B728x90_0%3A728x90%2C970x250%2C970x90%2B728x90_1%3A728x90%2C970x250%2C970x90%2B728x90_2%3A728x90%2C970x250%2C970x90%2B728x90_3%3A728x90%2C970x250%2C970x90%2B728x90_4%3A728x90%2C970x250%2C970x90%2B728x90_5%3A728x90%2C970x250%2C970x90%2B728x90_6%3A728x90%2C970x90%2B728x90_7%3A728x90%2C970x90%2B160x600_0%3A160x600%2B160x600_1%3A160x600&ur=https%3A%2F%2Fwww.onmsft.com%2F&pbv=6.26.0&ncb=1&vs=FFFFFFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.onmsft.com%2F&e_pubcid=4d32b779-8c4b-4970-b127-677768b23296
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Server
64.120.110.138 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
de8edcb2664c4addc99c9d02e8d44de345f94efbc90a00d731389a545bb3a8f3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.onmsft.com
expires
Sat, 13 Aug 2022 03:21:57 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
477
x-sid
SIN-721

Redirect headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
openresty
access-control-allow-origin
https://www.onmsft.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2eb02/1/www.onmsft.com/ROS?ct=1&r=pbjs&rnd=0.7677932252904065&e=300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2B728x90_0%3A728x90%2C970x250%2C970x90%2B728x90_1%3A728x90%2C970x250%2C970x90%2B728x90_2%3A728x90%2C970x250%2C970x90%2B728x90_3%3A728x90%2C970x250%2C970x90%2B728x90_4%3A728x90%2C970x250%2C970x90%2B728x90_5%3A728x90%2C970x250%2C970x90%2B728x90_6%3A728x90%2C970x90%2B728x90_7%3A728x90%2C970x90%2B160x600_0%3A160x600%2B160x600_1%3A160x600&ur=https%3A%2F%2Fwww.onmsft.com%2F&pbv=6.26.0&ncb=1&vs=FFFFFFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.onmsft.com%2F&e_pubcid=4d32b779-8c4b-4970-b127-677768b23296
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
SIN-721
pegasus_theme.25d5d942be4acce443aa.css
cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/ Frame E3B6
29 KB
5 KB
Stylesheet
General
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/pegasus_theme.25d5d942be4acce443aa.css
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/zeus_boot.efc03e3eeedd10cb747f.js?efc03e3eeedd10cb747f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:9a00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38b88d35ff7abc2f1614745b704a2995714660452baa4719737545b05c7e6f81

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
OOd3W8TdAQKJFsJZFedQ5q6Kln.kcrW4
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:09:59 GMT
server
AmazonS3
age
52745
etag
W/"e61b0f2eda089b99e0fd60e112bc2916"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
date
Fri, 12 Aug 2022 12:42:53 GMT
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
3Rp8-GS9OJv3BFjDa0U9PfdNDL6eUY9ii4_FeM52J9osTlUJaimhIg==
pegasus_theme.25d5d942be4acce443aa.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/ Frame E3B6
9 KB
3 KB
Script
General
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/pegasus_theme.25d5d942be4acce443aa.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/zeus_boot.efc03e3eeedd10cb747f.js?efc03e3eeedd10cb747f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:9a00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a0fbf8080c07e60ae91b9ab6ef235cac37d61db575dfce463aee4cfa591e8e3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
y4BpNv4IlEtj3FdL7B1hRtvXkKjxxST9
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:09:59 GMT
server
AmazonS3
age
49802
etag
W/"dbfb1dd1512bf9960e5f936e284cff15"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
date
Fri, 12 Aug 2022 13:50:49 GMT
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
Symv5OiKZbzKxzTQBRY3zfjI0oX2Fu_0PauTlmjgKARApUC_8yFVfA==
setuid
u.4dex.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu.4dex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://u.4dex.io/setuid?bidder=appnexus&uid=4764734661110149725
0
940 B
Image
General
Full URL
https://u.4dex.io/setuid?bidder=appnexus&uid=4764734661110149725
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:58 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:21:57 GMT
X-Proxy-Origin
217.138.252.170; 217.138.252.170; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fc855363-75d5-44f9-8c9b-e8938db8aa07
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u.4dex.io/setuid?bidder=appnexus&uid=4764734661110149725
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
admgr.1764d69bbe030f9f86d6.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/ Frame E3B6
157 KB
39 KB
Script
General
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/admgr.1764d69bbe030f9f86d6.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/zeus_boot.efc03e3eeedd10cb747f.js?efc03e3eeedd10cb747f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:9a00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec7da5bccd49217c579947752c3fd0cf28bc79f6acace987dd677458c68d5d53

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
N_Mt.S.gtvJEU8y9r09BV3LLWvpCnvCS
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:09:59 GMT
server
AmazonS3
age
18168
etag
W/"e9cc8f27479213aa491e94f3448d714e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
date
Fri, 12 Aug 2022 22:19:10 GMT
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
a8a2RLnSm8W9H5cn-NucBnUGdPCduLbWy-q1Wj-zxaAcibzedJd3eg==
pegasus_appearance_manager.6a9819cc9791c2ecb504.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/ Frame E3B6
6 KB
3 KB
Script
General
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/pegasus_appearance_manager.6a9819cc9791c2ecb504.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/zeus_boot.efc03e3eeedd10cb747f.js?efc03e3eeedd10cb747f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:9a00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b5839ccf8b2a8013f74f4010170cef575f7112c19e791f7b71405d90687d065

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
Pn_7puLfDExo6oHmNBELVT_SNzsXUSnL
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:09:59 GMT
server
AmazonS3
age
40300
etag
W/"5f9f7795b6656b5381d86cbdb810bb02"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
date
Fri, 12 Aug 2022 16:10:18 GMT
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
uJwplPOMdPfLJwDX74zHJw6x_4MH9gd68A-K2-7nRw8G_k_k193g2A==
pegasus_controlbar~scrubber.1c5b89f03069a8c5f6e5.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/ Frame E3B6
16 KB
5 KB
Script
General
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/pegasus_controlbar~scrubber.1c5b89f03069a8c5f6e5.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/zeus_boot.efc03e3eeedd10cb747f.js?efc03e3eeedd10cb747f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:9a00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
725d1edb01d4673a22b6b7c66348ab19f0be4467b2f17e364db97d500b8efd68

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
BhPxk6hbG5ZsQKIWU3Tbsunef8T721_v
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:09:59 GMT
server
AmazonS3
age
34348
etag
W/"8bcb4ae00f7f2283363e332614a178c6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
date
Fri, 12 Aug 2022 17:49:29 GMT
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
4uht6ko0v1P1L9FZkihF-YDTVCVtchh1oe3m6UM0Encv6yUHbxRUgA==
pegasus_controlbar.339779335d2601a9be92.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/ Frame E3B6
14 KB
4 KB
Script
General
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/pegasus_controlbar.339779335d2601a9be92.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/zeus_boot.efc03e3eeedd10cb747f.js?efc03e3eeedd10cb747f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:9a00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c88fe77d0bb423a2815479f8f06a39d4a2f47f7ee3c800b2792d217e063576f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
9bcb.mUJPge905Zw0qfs39peBGoCmG2L
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:09:59 GMT
server
AmazonS3
age
4143
etag
W/"886d57da179b44c3dfbf2a8aa8738e14"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
date
Sat, 13 Aug 2022 02:12:55 GMT
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
5ikjWyzHlMkZnTI5vYelj7eyuxiy_I20ReudK6Gbq1AinEo6pJP4KQ==
zeus_mouseinput.1d0b0f313ed20569d9fb.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/ Frame E3B6
4 KB
2 KB
Script
General
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/zeus_mouseinput.1d0b0f313ed20569d9fb.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/zeus_boot.efc03e3eeedd10cb747f.js?efc03e3eeedd10cb747f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:9a00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23b9cb236050bdd3ee0ca83fd60c9b25eed708678b9f75e7e0fc6a913063cc2d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
TnLyHZVNelpwAUbp2ZLpwsZHjG84MmHp
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:09:59 GMT
server
AmazonS3
age
6179
etag
W/"bd3cf493840c23ace725a545e391f20a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
date
Sat, 13 Aug 2022 01:38:59 GMT
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
XhAsNEZlwopRy4ytRBvX4knf0VkBtm2E8Ao5AbI8Qjbn4GNX7OF3Gg==
pegasus_content.67ca910b79fb2fb571b1.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/ Frame E3B6
10 KB
3 KB
Script
General
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/pegasus_content.67ca910b79fb2fb571b1.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/zeus_boot.efc03e3eeedd10cb747f.js?efc03e3eeedd10cb747f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:9a00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7fbe4f3a945bb4673c78ff1af46f86172a35dbe87b66114968fb6e56a353a9e1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
PTELHfBigeXMowvxRajMYVLXqSiA4Q5F
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:09:59 GMT
server
AmazonS3
age
55754
etag
W/"8c2721a8dc5e0f442f5813a4477b5d31"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
date
Fri, 12 Aug 2022 11:52:44 GMT
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
ryHSu-aiMqRe8y814dmhdNwev3CCjtK2xPve6-TTNcA2rTl4Dv5OUg==
scrubber.c2ac515c16312477ae3d.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/ Frame E3B6
9 KB
3 KB
Script
General
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/scrubber.c2ac515c16312477ae3d.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/zeus_boot.efc03e3eeedd10cb747f.js?efc03e3eeedd10cb747f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:9a00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f63a771e9e7e24a13a4ad3c8ac554db96c34874c3863b2b809f7f4e7e7b7db1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
p2hmSJYr9PDxgfT3scq.Gjn1SnEl8jGe
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:09:59 GMT
server
AmazonS3
age
2373
etag
W/"44ccac526aa990d453b909309b32f85a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
date
Sat, 13 Aug 2022 02:42:25 GMT
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
mcXNfI4IYmr7oD-BXklpNzd9b2_9ga8VUqVjPv_NjiAfdQP9Is-tCg==
pegasus_watermark.3be1fa39d001f2206d6f.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/ Frame E3B6
7 KB
2 KB
Script
General
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/pegasus_watermark.3be1fa39d001f2206d6f.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/zeus_boot.efc03e3eeedd10cb747f.js?efc03e3eeedd10cb747f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:9a00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3fef29529678ff5e018e5d2db4a897390044b92e9105cf7adae070f76f8dbe1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
eOM3a8Hof0UVE_LDJ6d9omoe3g7tOqzc
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:09:59 GMT
server
AmazonS3
age
11353
etag
W/"465bc19e6b489a7f9217fc1d7e4ebdba"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
date
Sat, 13 Aug 2022 00:12:45 GMT
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
vIUge2mC5N_xlhbuuMi85OUnHVSVOG0DULosoT3blMldbYETjKTglQ==
playwire
playwire.technoratimedia.com/openrtb/bids/ Frame
0
0
Preflight
General
Full URL
https://playwire.technoratimedia.com/openrtb/bids/playwire?src=prebid_prebid_6.26.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.onmsft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://www.onmsft.com
date
Sat, 13 Aug 2022 03:21:57 GMT
server
nginx
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.onmsft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.onmsft.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
280311
search.spotxchange.com/openrtb/2.3/dados/
0
983 B
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/280311?src_sys=prebid
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.71.26.124 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Aug 2022 03:21:57 GMT
X-SpotX-Timing-Transform
0.000291
X-SpotX-Timing-SpotMarket
0.049845
X-SpotX-Timing-Page-Mux
0.000748
X-SpotX-Timing-Page-Require
0.000301
X-fe
013
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.053144
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000271
Last-Modified
Sat, 13 Aug 2022 03:21:57 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.049845
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.onmsft.com
X-SpotX-Timing-Page-Misc
0.001675
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cygnus
htlb.casalemedia.com/
38 B
608 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=505013&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2226945d9bd58ee77c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%2C%22domain%22%3A%22onmsft.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22onmsft.com%22%7D%2C%22cat%22%3A%5B%22IAB681%22%2C%22IAB19%22%2C%22IAB596%22%5D%2C%22sectioncat%22%3A%5B%22IAB681%22%2C%22IAB19%22%2C%22IAB596%22%5D%2C%22pagecat%22%3A%5B%22IAB681%22%2C%22IAB19%22%2C%22IAB596%22%5D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.26.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22270aaa9838f6ba39%22%2C%22ext%22%3A%7B%22siteID%22%3A%22505013%22%2C%22sid%22%3A%22640x480%22%7D%2C%22video%22%3A%7B%22playerType%22%3A%22HTML5%22%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22maxduration%22%3A300%2C%22minduration%22%3A5%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22playerSize%22%3A%5B%5B640%2C480%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A1%2C%22w%22%3A640%2C%22h%22%3A480%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22playwire.com%22%2C%22sid%22%3A%221023788%22%2C%22hp%22%3A1%2C%22rid%22%3A%22b3365762-3072-4051-9825-faab4b4e58f7%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22crwdcntrl.net%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22428ccc7f004d70508aac3651c28716d53938b6d6f6c2aa6a116d595ce3a1669d%22%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224d32b779-8c4b-4970-b127-677768b23296%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
664609f34e4d9850b02ac4ee419fed7e1f15aba86ad7fab04bb0ef48c79f105c

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgOz%2BVnXFXovNgbDSLvvfkOYvIAhun1%2BwdnVgAM%2BMlQYAj9IsHaEwCAoWckfNOSjK2IVeHQWJyzz4129YJ3XLkNQc%2Fr9VR5a7O2ELtmwyWZxOl2UTWRU6MIAZn1m0B1Q7gKrQio9"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.onmsft.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
739e52d69e648a6c-NRT
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
409 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.237.6 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-237-6.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e0c9cb5266f902870ff0e90e326b457946a72f87bda3389c533f1eb54b984d05

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.onmsft.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
avjp
playwire-d.openx.net/v/1.0/
106 B
127 B
XHR
General
Full URL
https://playwire-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.onmsft.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1e3eb2c6-7282-42a4-9152-9691fb3f134a&nocache=1660360917530&lotameid=428ccc7f004d70508aac3651c28716d53938b6d6f6c2aa6a116d595ce3a1669d&pubcid=e370000a-1856-4838-adbf-a65463269849&schain=1.0%2C1!playwire.com%2C1023788%2C1%2Cb3365762-3072-4051-9825-faab4b4e58f7%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A640%2C%22h%22%3A480%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%2C%22application%2Fx-mpegURL%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22maxduration%22%3A30%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22minduration%22%3A1%2C%22startdelay%22%3A0%2C%22placement%22%3A1%7D%7D%5D%7D&auid=540570750&vwd=640&vht=480
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.onmsft.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
playwire
playwire.technoratimedia.com/openrtb/bids/
0
292 B
XHR
General
Full URL
https://playwire.technoratimedia.com/openrtb/bids/playwire?src=prebid_prebid_6.26.0
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 03:21:58 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
67318254
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
tag
bktr2-06hdl.ads.tremorhub.com/ad/
Redirect Chain
  • https://bktr2-06hdl.ads.tremorhub.com/ad/tag?adCode=bktr2-g87mf&playerWidth=640&playerHeight=480&srcPageUrl=https%3A%2F%2Fwww.onmsft.com%2F&supplyCode=bktr2-06hdl&videoId=MyCoolVideo&schain=1.0,1!p...
  • https://bktr2-06hdl.ads.tremorhub.com/ad/tag?adCode=bktr2-g87mf&playerWidth=640&playerHeight=480&srcPageUrl=https%3A%2F%2Fwww.onmsft.com%2F&supplyCode=bktr2-06hdl&videoId=MyCoolVideo&schain=1.0,1!p...
55 B
692 B
XHR
General
Full URL
https://bktr2-06hdl.ads.tremorhub.com/ad/tag?adCode=bktr2-g87mf&playerWidth=640&playerHeight=480&srcPageUrl=https%3A%2F%2Fwww.onmsft.com%2F&supplyCode=bktr2-06hdl&videoId=MyCoolVideo&schain=1.0,1!playwire.com,1023788,1,b3365762-3072-4051-9825-faab4b4e58f7,,&transactionId=1e3eb2c6-7282-42a4-9152-9691fb3f134a&referrer=https%3A%2F%2Fwww.onmsft.com%2F&hb=1&fmt=json&_tur=T
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Server
2406:da18:9ea:6f32:84aa:52f7:20ec:e756 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
47a5391fbc125a3a816a54ce59301b1ff46118a0beda1ea697d64d94f2bea4e5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.onmsft.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8

Redirect headers

location
https://bktr2-06hdl.ads.tremorhub.com/ad/tag?adCode=bktr2-g87mf&playerWidth=640&playerHeight=480&srcPageUrl=https%3A%2F%2Fwww.onmsft.com%2F&supplyCode=bktr2-06hdl&videoId=MyCoolVideo&schain=1.0,1!playwire.com,1023788,1,b3365762-3072-4051-9825-faab4b4e58f7,,&transactionId=1e3eb2c6-7282-42a4-9152-9691fb3f134a&referrer=https%3A%2F%2Fwww.onmsft.com%2F&hb=1&fmt=json&_tur=T
date
Sat, 13 Aug 2022 03:21:57 GMT
access-control-allow-credentials
true
server
Apache-Coyote/1.1
access-control-allow-origin
https://www.onmsft.com
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
bidRequest
c2shb.pubgw.yahoo.com/
12 KB
12 KB
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
20e463a84eba8553c5371120818da764b0766117c6bc4f48d6346ea693dfa7f1

Request headers

Referer
https://www.onmsft.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
12160
trinity.json
apex.go.sonobi.com/
1 KB
2 KB
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22282773b23295fc05%22%3A%22e45e3d0af219aa5f137f%7C%7Cf%3D1%22%7D&ref=https%3A%2F%2Fwww.onmsft.com%2F&s=8bf0c8aa-a990-4fdf-a78a-330a81a0ec18&pv=df45705a-6057-415c-aa27-0a777bda7356&vp=desktop&lib_name=prebid&lib_v=6.26.0&us=8&fpd=%7B%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%2C%22domain%22%3A%22onmsft.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22onmsft.com%22%7D%2C%22cat%22%3A%5B%22IAB681%22%2C%22IAB19%22%2C%22IAB596%22%5D%2C%22sectioncat%22%3A%5B%22IAB681%22%2C%22IAB19%22%2C%22IAB596%22%5D%2C%22pagecat%22%3A%5B%22IAB681%22%2C%22IAB19%22%2C%22IAB596%22%5D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%7D&ius=0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22playwire.com%22%2C%22sid%22%3A%221023788%22%2C%22hp%22%3A1%2C%22rid%22%3A%2241e73af2-cc6b-4015-b992-d89d96f3a508%22%7D%5D%7D&userid=%7B%22lotamePanoramaId%22%3A%22428ccc7f004d70508aac3651c28716d53938b6d6f6c2aa6a116d595ce3a1669d%22%2C%22pubcid%22%3A%224d32b779-8c4b-4970-b127-677768b23296%22%7D&eids=%5B%7B%22source%22%3A%22crwdcntrl.net%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22428ccc7f004d70508aac3651c28716d53938b6d6f6c2aa6a116d595ce3a1669d%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224d32b779-8c4b-4970-b127-677768b23296%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.78 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
221702ff06eb7251367cabe5781c553bfc8d74cccbec6f7e0c1da9688b2ee0f9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:21:57 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-50
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.onmsft.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
611
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
59 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.onmsft.com
date
Sat, 13 Aug 2022 03:21:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/209569/0/
0
161 B
XHR
General
Full URL
https://tag.1rx.io/rmp/209569/0/mvo?z=1r&hbv=6.26,2.1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.42 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.onmsft.com
pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
hbjson
grid.bidswitch.net/
24 B
365 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
22c236724f255f425adad964a7c3df2495e3cc06be2a3a68d040dc2d1f2c569a

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Aug 2022 03:21:57 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.onmsft.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
v1
btlr.sharethrough.com/universal/
468 B
671 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.37.224 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-37-224.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
3a2689da549282bffac6ef91b918b43385cca3a5f9f1c238d882505225e53a3e

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
348
prebid
prebid.media.net/rtb/
1 KB
782 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIBM874
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
21f688eefb3fb431301ac023cfc4135672206feeaf54b8c2559320d5da2d3242

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
95
alt-svc
clear
via
1.1 google
prebid
ib.adnxs.com/ut/v3/
139 B
833 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ea03bcb78cd767a32e2399ab0895c0852dd6ff735b77f52638ae09efcbd0015b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:21:57 GMT
X-Proxy-Origin
217.138.252.170; 217.138.252.170; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e2c2d4b9-e41c-4dd6-8984-993893baa5c8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.onmsft.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cache
prebid.adnxs.com/pbc/v1/
63 B
324 B
XHR
General
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.250.0.199 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
81bd209ae9c9bd025eed991f294baa1481b1bd43f9b9edb98e05aee1edad1589

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Aug 2022 03:21:57 GMT
Server
nginx/1.21.3
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.onmsft.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
sync
ssbsync.smartadserver.com/api/ Frame 33C4
835 B
1 KB
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
0cdf88f7fc7bbbe76fce17e1bf322d4d96843c3f772bf8013ae601e154501635

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
835
content-type
text/html
date
Sat, 13 Aug 2022 03:21:57 GMT
setuid
u.4dex.io/ Frame 33C4
0
15 B
Image
General
Full URL
https://u.4dex.io/setuid?bidder=smart&uid=4960241744634227040&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:58 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
redir
rtb-csync.smartadserver.com/ Frame 33C4
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABh407F7jIAAA90E3B3Kg&gdpr=0
43 B
412 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABh407F7jIAAA90E3B3Kg&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:58 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABh407F7jIAAA90E3B3Kg&gdpr=0
Date
Sat, 13 Aug 2022 03:21:58 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
/
rtb-csync.smartadserver.com/redir/ Frame 33C4
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0802220402677156ae909095&gdpr=0&gdpr_consent=
43 B
466 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0802220402677156ae909095&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:58 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0802220402677156ae909095&gdpr=0&gdpr_consent=
date
Sat, 13 Aug 2022 03:21:58 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
1000.gif
id.rlcdn.com/ Frame 33C4
Redirect Chain
  • https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
  • https://id.rlcdn.com/1000.gif?memo=CNK5KxoNCNax3JcGEgUI6AcQAEJOaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2k9MSZwYXJ0bmVyaWQ9MTM2JnBhcnRuZXJ1c2VyaWQ9SgA
42 B
60 B
Image
General
Full URL
https://id.rlcdn.com/1000.gif?memo=CNK5KxoNCNax3JcGEgUI6AcQAEJOaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2k9MSZwYXJ0bmVyaWQ9MTM2JnBhcnRuZXJ1c2VyaWQ9SgA
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:21:58 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 13 Aug 2022 03:21:58 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://id.rlcdn.com/1000.gif?memo=CNK5KxoNCNax3JcGEgUI6AcQAEJOaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2k9MSZwYXJ0bmVyaWQ9MTM2JnBhcnRuZXJ1c2VyaWQ9SgA
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 33C4
Redirect Chain
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=07030001_62f718d697abf&gdpr=0&gdpr_consent=
43 B
438 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=07030001_62f718d697abf&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:58 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Sat, 13 Aug 2022 03:21:58 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=07030001_62f718d697abf&gdpr=0&gdpr_consent=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
googleAdsPlayer.5b61c678e9c321d4a651.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/ Frame E3B6
37 KB
11 KB
Script
General
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/googleAdsPlayer.5b61c678e9c321d4a651.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/zeus_boot.efc03e3eeedd10cb747f.js?efc03e3eeedd10cb747f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:9a00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a926ac767f24194f2bf37eb52d7c3114f2f9172f1d38d868326b09593cb489d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
9D_TgMIG9czS_otASRCV.Tk.9L7xI5.k
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:09:59 GMT
server
AmazonS3
age
2126
etag
W/"23ff38e87e95e11fac50ca87d8f8a31f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
date
Sat, 13 Aug 2022 02:46:33 GMT
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
hlX1Zoi7HeUMIDdaNfdROZmgAsaV0OJco_Wk-VnXhrUeHi-aG5Gzhg==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame E3B6
375 KB
125 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/googleAdsPlayer.5b61c678e9c321d4a651.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
603db0f6c2713ca7a57c9091bf85634c48fb5cabcb99cb718a8cbfefb0631f7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127744
x-xss-protection
0
expires
Sat, 13 Aug 2022 03:21:58 GMT
bridge3.524.0_en.html
imasdk.googleapis.com/js/core/ Frame 7AFA
635 KB
205 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.524.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d0b5a63ca5e36540e2628599ba666ef0ac2bd34f8ea5f25c9a51b0e4c72fed2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.playwire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
10571
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210237
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 00:25:47 GMT
expires
Sun, 13 Aug 2023 00:25:47 GMT
last-modified
Mon, 08 Aug 2022 18:34:29 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame E3B6
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Aug 2022 03:21:59 GMT
integrator.js
adservice.google.com/adsid/ Frame E3B6
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.playwire.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FB24
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-52-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=29246
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 13 Aug 2022 03:21:59 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 13 Aug 2022 11:29:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame FB24
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=98231395&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
content-length
0
3vjoryfbqq
www.clarity.ms/tag/
2 KB
2 KB
Script
General
Full URL
https://www.clarity.ms/tag/3vjoryfbqq
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1666 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
9fb60d9b24eef5d6f5ec65124344c803bf2748e7863be787f35017e1644a3e36

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:58 GMT
x-powered-by
ASP.NET
x-azure-ref
01xj3YgAAAACO0c7MhNGPTLK9sHLUvyr+S1VMMzBFREdFMDMxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
content-length
1896
expires
-1
ads
securepubads.g.doubleclick.net/gampad/ Frame 7AFA
16 KB
3 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?sz=640x480&iu=%2F154013155%2C22522311865%2F1023788%2F71908%2Fpublisher%3A1023788-website%3A71908-video&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&url=https%3A%2F%2Fwww.onmsft.com%2F&description_url=https%3A%2F%2Fwww.onmsft.com%2F&correlator=4436755664275474&vad_type=linear&cust_params=hb_bidder%3Dyahoossp%26hb_val%3D0.05%26hb_uuid%3D45132470-1a4c-4975-99e8-a8887bf263a3%26adunit%3Dtrendi_video%26instream%3Dtrue%26owning_pub_id%3D1023788%26player_height%3D254%26player_width%3D452%26synd%3Dfalse%26vid_long_form%3Dfalse%26window_width%3D1600%26window_height%3D1200%26sitecont_cat%3Dgames_hardcore%2Ctechnology%26custom_path%3DROS%26ad_clicker%3Dfalse%26ab_test%3Dna_A%26hb_test%3D2022-07-15_b%26pagecount%3D1%26vid_location%3Dcorner%26product%3Dads_only%26sticky%3Dtrue%26trendi%3Dfalse%26refresh_count%3D0%26abs_dist_top%3D1050%26abs_dist_left%3D1350%26rel_dist_bottom%3D10%26rel_dist_left%3D80%26browser%3DChrome%20104%26hour%3D3%26day%3DSaturday&pmnd=0&pmxd=30000&pmad=3&vpa=auto&vpmute=1&sdkv=h.3.524.0&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=928570498&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.524.0&sid=A935E813-76F1-4122-927F-C9DAA906F74E&nel=0&eid=31061774%2C44731964%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&ref=https%3A%2F%2Fwww.onmsft.com%2F&dlt=1660360916869&idt=2140&dt=1660360919140&scor=2948699462338424&ged=ve4_td2_tt0_pd2_la2000_er0.0.154.300_vi0.0.254.452_vp100_eb24427
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.524.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
cafe /
Resource Hash
98310dd359ab63e3275ec0c682c19739c8949dc5e039d6a7a340af41743fb38f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3034
x-xss-protection
0
google-lineitem-id
5883113969
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377577450
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.co.jp/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=www.onmsft.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.onmsft.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
143 KB
50 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3215188679422792&correlator=3957782918043674&eid=31068922%2C31068927%2C31068929%2C31068942&output=ldjh&gdfp_req=1&vrg=2022081001&ptt=17&impl=fifs&iu_parts=154013155%3A22522311865%2C1023788%2C71908%2C1023788-71908-desktop_leaderboard%2C1023788-71908-medium_rectangle%2C1023788-71908-160x600&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%2C300x250%2C300x250%7C300x600%2C160x600&ifi=1&adks=1983387272%2C3861699527%2C1493855172%2C474755280%2C1553788845&sfv=1-0-38&fsapi=false&prev_scp=pos%3Datf%26slot_id%3Dleaderboard_atf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DROS%26lld_id%3D736508632aa04fc6bf3f7c7370d5578060919145%26price_floor%3D0.15%26in_view%3Dtrue%7Cpos%3Dbtf%26slot_id%3Dmed_rect_btf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DROS%26lld_id%3Da692ccfdc5494a2b983ffbe87fd1ff0d60919147%26price_floor%3D0.15%26in_view%3Dtrue%7Cpos%3Dbtf%26slot_id%3Dmed_rect_btf2%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DROS%26lld_id%3Df663ed5f8ffa429e8a686be15f50364360919147%26price_floor%3D0.15%7Cpos%3Datf%26slot_id%3Dmed_rect_atf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DROS%26lld_id%3D73e9df789d4c4a4587d90c30e6db5d6560919148%26price_floor%3D0.15%26in_view%3Dtrue%7Cpos%3Datf%26slot_id%3Dpw-160x600_atf%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DROS%26lld_id%3D6b143a15096d40f3bb44463cb7c7981960919149%26price_floor%3D0.15%26in_view%3Dtrue&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26sitecont_cat%3Dgames_hardcore%252Ctechnology%26hb_test%3D2022-07-08_b%26hour%3D3%26day%3DSaturday%26OS%3DWindows%252010%26browser%3DChrome%2520104%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.5.24%26kver%3Dv1%26ab_test%3Dna_A%26ad_clicker%3Dfalse%26got_consent%3Dtrue%26page_focus%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1660360919170&lmt=1660360837&dlt=1660360915751&idt=1312&adxs=1636%2C-12245933%2C1425%2C2225%2C-12245933&adys=260%2C-12245933%2C3412%2C1014%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C1%7C0%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.onmsft.com%2F&frm=20&vis=1&psz=4000x250%7C800x4244%7C800x4244%7C350x1290%7C350x1290&msz=728x0%7C0x0%7C800x280%7C350x0%7C0x0&fws=1024%2C1152%2C1024%2C1024%2C1152&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1533648303.1660360917&ga_sid=1660360919&ga_hid=340891715&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
cafe /
Resource Hash
202ff0ea358064347f54bd2bccc9df16221a72ab6fc97ad88a3919acdf7b170b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50952
x-xss-protection
0
google-lineitem-id
-1,-1,-2,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-2,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3D3F
6 KB
4 KB
Document
General
Full URL
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 03:21:59 GMT
expires
Sun, 13 Aug 2023 03:21:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/
340 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4bf2ce443af94e5a87bb4e9f7b75cf3a262f80ee47070377bcb6adf9bff8fbc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122751
x-xss-protection
0
server
cafe
etag
85154103670728037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Aug 2022 03:21:59 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/ Frame D067
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
32300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 18:23:39 GMT
etag
8616628553774171045
expires
Fri, 26 Aug 2022 18:23:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cropped-onmsft-logo.png
ehsw47mb2ee.exactdn.com/wp-content/uploads/2021/03/
2 KB
2 KB
Image
General
Full URL
https://ehsw47mb2ee.exactdn.com/wp-content/uploads/2021/03/cropped-onmsft-logo.png?strip=all&lossy=1&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.162.249 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-714.bunnyinfra.net
Software
BunnyCDN-SG-714 /
Resource Hash
d6f4798dd69cd9aa024b56e14e5d3e90e3003833ed7874d37f7ad6c53277531e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
x-content-type-options
nosniff
cdn-edgestorageid
782
access-control-allow-origin
*
cdn-cachedat
06/07/2022 13:10:36
cdn-pullzone
369249
content-length
1796
server
BunnyCDN-SG-714
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires
Tue, 06 Jun 2023 15:20:37 GMT
last-modified
Mon, 06 Jun 2022 15:07:52 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
content-type
image/webp
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-uid
282460b1-e21e-44b6-a162-b4892cda4727
cdn-requestid
b0e4ab369a3bcb7c58a06468ee66a3ee
cdn-requestcountrycode
JP
link
<https://www.onmsft.com/wp-content/uploads/2021/03/cropped-onmsft-logo.png>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
turbo-golf-racing-Custom-200x150.jpg
ehsw47mb2ee.exactdn.com/wp-content/uploads/2022/07/
6 KB
7 KB
Image
General
Full URL
https://ehsw47mb2ee.exactdn.com/wp-content/uploads/2022/07/turbo-golf-racing-Custom-200x150.jpg?strip=all&lossy=1&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.162.249 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-714.bunnyinfra.net
Software
BunnyCDN-SG-714 /
Resource Hash
74c370875c1b1435cf25d5ba99c1f2a76297cf5ec3412bfd402908560d13f87e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
x-content-type-options
nosniff
cdn-edgestorageid
749
access-control-allow-origin
*
cdn-cachedat
08/12/2022 17:22:49
cdn-pullzone
369249
content-length
5998
server
BunnyCDN-SG-714
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires
Fri, 11 Aug 2023 12:55:47 GMT
last-modified
Wed, 13 Jul 2022 14:28:58 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
content-type
image/webp
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-uid
282460b1-e21e-44b6-a162-b4892cda4727
cdn-requestid
afcd04dc6ead65e43dcc063901a86402
cdn-requestcountrycode
JP
link
<https://www.onmsft.com/wp-content/uploads/2022/07/turbo-golf-racing-Custom-200x150.jpg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Build-2018-LinkedIn-200x150.jpg
ehsw47mb2ee.exactdn.com/wp-content/uploads/2020/08/
4 KB
5 KB
Image
General
Full URL
https://ehsw47mb2ee.exactdn.com/wp-content/uploads/2020/08/Build-2018-LinkedIn-200x150.jpg?strip=all&lossy=1&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.162.249 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-714.bunnyinfra.net
Software
BunnyCDN-SG-714 /
Resource Hash
8f109adb53866436ffe3f062904c913ab3675f29a80d39a932165a2b0e9f2c5b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
x-content-type-options
nosniff
cdn-edgestorageid
945
access-control-allow-origin
*
cdn-cachedat
08/12/2022 17:13:33
cdn-pullzone
369249
content-length
4588
server
BunnyCDN-SG-714
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires
Sat, 12 Aug 2023 17:09:04 GMT
last-modified
Fri, 12 Aug 2022 17:08:32 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
content-type
image/webp
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-uid
282460b1-e21e-44b6-a162-b4892cda4727
cdn-requestid
686672e4c44d489c929afd705bff1c27
cdn-requestcountrycode
JP
link
<https://www.onmsft.com/wp-content/uploads/2020/08/Build-2018-LinkedIn-200x150.jpg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
Still-Image_Xbox-Series-S_5_-Horizontal-View_Console-Controller-Custom-200x150.jpg
ehsw47mb2ee.exactdn.com/wp-content/uploads/2022/05/
2 KB
3 KB
Image
General
Full URL
https://ehsw47mb2ee.exactdn.com/wp-content/uploads/2022/05/Still-Image_Xbox-Series-S_5_-Horizontal-View_Console-Controller-Custom-200x150.jpg?strip=all&lossy=1&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.162.249 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-714.bunnyinfra.net
Software
BunnyCDN-SG-714 /
Resource Hash
3f2926ffb5ad064317f79450b05cc45682900920e05c4bba693a42d35527848d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
x-content-type-options
nosniff
cdn-edgestorageid
944
access-control-allow-origin
*
cdn-cachedat
08/12/2022 17:13:33
cdn-pullzone
369249
content-length
2080
server
BunnyCDN-SG-714
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires
Sat, 05 Aug 2023 13:50:41 GMT
last-modified
Sun, 17 Jul 2022 13:09:17 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
content-type
image/webp
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-uid
282460b1-e21e-44b6-a162-b4892cda4727
cdn-requestid
6845e97d1aa26bd85f390bc7a68548e6
cdn-requestcountrycode
JP
link
<https://www.onmsft.com/wp-content/uploads/2022/05/Still-Image_Xbox-Series-S_5_-Horizontal-View_Console-Controller-Custom-200x150.jpg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
robots.txt
t.skimresources.com/api/v2/ Frame A0C8
0
134 B
Image
General
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.6208833675511967
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
via
1.1 google
server
Python/3.10 aiohttp/3.8.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/
43 B
276 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=1.2736898682506943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/
43 B
102 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=1.2736898682506943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
/
r.skimresources.com/api/
177 B
388 B
XHR
General
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/88572X1541654.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
1cdc66c0c8cf2444d192f1262bc3b637751cdf454922b954505d986f1fc2d76d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://www.onmsft.com
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
cache
prebid.adnxs.com/pbc/v1/ Frame 7AFA
12 KB
5 KB
XHR
General
Full URL
https://prebid.adnxs.com/pbc/v1/cache?uuid=45132470-1a4c-4975-99e8-a8887bf263a3
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.524.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.250.0.199 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ba9d9b931448fb152aa31ad20ac4c6886c7ecb6d4404d1670c230f71c1b8ff59

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 03:21:59 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
Vary
Accept-Encoding, Origin
Content-Type
application/xml
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
widgets.js
platform.twitter.com/
97 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/wp-content/plugins/jetpack/_inc/build/twitter-timeline.min.js?ver=4.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.108.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4c9e097414ccbfdefb3354fe850aa98a9e015d3b9f05519050a0db68105f5ffc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 17:26:11 GMT
etag
"bd88345e54896fdf79f585f9d089e582+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=1800
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
29276
tw-cdn
FT
x-served-by
cache-iad-kcgs7200024-IAD, cache-tyo11955-TYO
g.gif
pixel.wp.com/
50 B
116 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A11.2&blog=144796107&post=251365&tz=-7&srv=www.onmsft.com&host=www.onmsft.com&ref=&fcp=1200&rand=0.3954351768835207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 13 Aug 2022 03:21:59 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
iu3
s.amazon-adsystem.com/ Frame AED8
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift&dcc=t
329 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
6513dcf7ceada2c31e0304bfacaa4b971dae9b1018b0766813dcd0637e17a84f
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
329
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 13 Aug 2022 03:22:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
D931JCK4KSFSSTPGC30J

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 13 Aug 2022 03:21:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift&dcc=t
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ZNXD83NXJMGY1TXJ9DVD
2
www.onmsft.com/wp-json/wordpress-popular-posts/v1/popular-posts/widget/
7 KB
2 KB
XHR
General
Full URL
https://www.onmsft.com/wp-json/wordpress-popular-posts/v1/popular-posts/widget/2?is_single=0
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.0.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f5c074391deee162213458a9132cfd9189b70fb8b8938501165b9afacc88cb1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onmsft.com/
X-Requested-With
XMLHttpRequest
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow
GET
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7xTXBr3PwbmhpvwgC04VZ8OVfFZJo7vgWjzFTal%2BLPoxBVn3ZMDPfCtE3hXCCdKwf74%2FWLnLlY30Edzx%2BVuEaOBhzr8q4BYeDxYKQNaCEAW9jlpoQUbE59QPcLiU%2BtI"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-robots-tag
noindex
cf-apo-via
origin,no-cache
cf-ray
739e52e16cf480e7-NRT
link
<https://www.onmsft.com/wp-json/>; rel="https://api.w.org/"
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
808a3420c1e7b33179c94f51273b1571c2995315cd4e5b5b52d50b8efeb2acb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11093
x-xss-protection
0
rum
www.onmsft.com/cdn-cgi/
0
165 B
XHR
General
Full URL
https://www.onmsft.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
application/json

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.onmsft.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
739e52e17d0a80e7-NRT
vary
Origin
rum
www.onmsft.com/cdn-cgi/
0
165 B
XHR
General
Full URL
https://www.onmsft.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
application/json

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.onmsft.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
739e52e17d1380e7-NRT
vary
Origin
widget_iframe.6184048311ebe2b4d9580ce803ab4baa.html
platform.twitter.com/widgets/ Frame 986E
320 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.6184048311ebe2b4d9580ce803ab4baa.html?origin=https%3A%2F%2Fwww.onmsft.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.108.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105445
content-type
text/html; charset=utf-8
date
Sat, 13 Aug 2022 03:21:59 GMT
etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
last-modified
Fri, 12 Aug 2022 17:24:17 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-cache
HIT, HIT
x-served-by
cache-iad-kcgs7200065-IAD, cache-tyo11955-TYO
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 03:21:59 GMT
settings
syndication.twitter.com/ Frame 986E
581 B
549 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=463c946ff32d686c1f64cdc3a144b9f03a5aaabd
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.6184048311ebe2b4d9580ce803ab4baa.html?origin=https%3A%2F%2Fwww.onmsft.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_m /
Resource Hash
6dcd8369f931573309d59db10fead98f9c972244097e0a64f32c882bae0934dd
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time
107
date
Sat, 13 Aug 2022 03:21:58 GMT
content-encoding
gzip
last-modified
Sat, 13 Aug 2022 03:21:59 GMT
server
tsa_m
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
ab2e664a6a20e495ac6bfe41d0c6549a79776a42657099ab60e7cb3914384a7a
content-length
268
csi
csi.gstatic.com/ Frame 7AFA
0
327 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l6rc0seu&c=1625187436481&slotId=812593718240.5&qqid=CP6ipbbuwvkCFUfIFgUdTmcPhg&gqid=1xj3Ytf3CeyH29gP1oSTgAQ&fb=ima_html5-lima&sdkv=h.3.524.0&mrd=12&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=2.0&ghmsh_eids=31061774%2C44731964%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&vmfc=1&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.524.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:809::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:59 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 7AFA
42 B
541 B
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bl9Ly1xj3Yr7bCseQ29gPzs69sAjoo6qURgAAABABIIOk1EU4AVjqh8m_gwRgifPFhPQTsgEOd3d3Lm9ubXNmdC5jb226AQs2NDB4NDgwX3htbMgBBdoBF2h0dHBzOi8vd3d3Lm9ubXNmdC5jb20vmAIywAIC4AIA6gI-LzE1NDAxMzE1NS8xMDIzNzg4LzcxOTA4L3B1Ymxpc2hlcjoxMDIzNzg4LXdlYnNpdGU6NzE5MDgtdmlkZW_4AoLSHpAD7AmYA-ADqAMB4AQB0gUGEPHjpPUVkAYBoAYkqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDgBx_SCA8IgGEQARgdMgKKAjoCgEDYCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=7Be_RsD50xY&label=video_ad_loaded&sdkv=h.3.524.0&vci=[CREATIVE_PLAYBACK]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7AFA
0
29 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJSCESKwDtf5jwYOkohi9p0AK_uKzY7dBA9YGbHPktU-GuSnyxLVL2NMpmXOpY4rpI7ZAkHxjkJ9P6G6i6lo29BX03T14iixYwdWAFMfhgD4H1_QswQgJJmqN0X5pCnfRC-Wz4Zbs3jPC8erep7FH-NpuGtzSAO8gTO-0u5A6FNcDFguTl9tLUVobmZ13etWEcVX5ZMDYo4qaJtSofTIe1Btal2wE8giqHyuh6UIpsOTsm8BbOPT6RiJi309Ysiv5S6Z2_0RMOKQv2SlaqXAZocJlpdf-2cLxK5Y0Mhf4pKNxRH5CcdU-JTEUaz1hxkQpmogDaM7B75PzZudZNqDB_sw0OHbZvA_huRHrbIZPYTlt-agwBCWZAz_ji&sai=AMfl-YSz0OYf5x9bSlrRKhqmxyTviFLrL2MWbVBN4rm6QPu6gY_34DwoCbL6caDUr3ND21MwCDToqxc_1eoq9_M&sig=Cg0ArKJSzGxCBwKLZCRzEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&sdkv=h.3.524.0&vci=CkYIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4ODMxMTM5NjkyDDEzODM3NzU3NzQ1MEBZCl0IARIQcHJlYmlkLmFkbnhzLmNvbRoJWWFob28gU1NQIAIqATEyDzEzNjE0LTQzMzkyMTI3MToFMTM2MTRAflIdJQAA8EEoAToHdW5rbm93bkIHdW5rbm93blAAYAEYAQ..&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:21:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 13 Aug 2022 03:21:59 GMT
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame 21C0
54 KB
19 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98c70924c1db08117f838a5745b335e09e688745d0ed2275a8ad057ea463edc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:15:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19652
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 18:37:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Sat, 13 Aug 2022 03:30:04 GMT
page
t.skimresources.com/api/v2/
22 B
43 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/88572X1541654.skimlinks.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.1 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:59 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.1
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.onmsft.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
cookie.js
partner.googleadservices.com/gampad/
387 B
458 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.onmsft.com&callback=_gfp_s_&client=ca-pub-1197011367764122&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
cafe /
Resource Hash
6e83f4927f4eb5d43c751377b1caf57adac25119387ed6536d049d20017df656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
integrator.js
adservice.google.co.jp/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=www.onmsft.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.onmsft.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.onmsft.com%2F&tn=DIV&id=tyche_trendi_video_container&ign=false&pw=1600&ph=1200&x=1575&y=1175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 38C7
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1197011367764122&output=html&adk=1812271804&adf=3025194257&lmt=1660360837&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.onmsft.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660360919189&bpp=3&bdt=3437&idt=294&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2836406618120&frm=20&pv=2&ga_vid=1533648303.1660360917&ga_sid=1660360919&ga_hid=340891715&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767667%2C44761792&oid=2&pvsid=3215188679422792&tmod=27785561&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=33792&bc=31&ifi=6&uci=a!6&fsb=1&dtd=308
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 03:21:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
o2shim
acds.prod.vidible.tv/ Frame 21C0
14 KB
7 KB
Script
General
Full URL
https://acds.prod.vidible.tv/o2shim?ssp=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.136.128 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-136-128.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e9f49503f884d44fe1d181f91a75590feada9777d2f0762c35bfdee09edbee6a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
gzip
access-control-max-age
3600
access-control-allow-methods
POST, GET, HEAD, PUT, PATCH, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-headers
content-length
6469
276771-featured-315x165.jpg
www.onmsft.com/wp-content/uploads/wordpress-popular-posts/
10 KB
11 KB
Image
General
Full URL
https://www.onmsft.com/wp-content/uploads/wordpress-popular-posts/276771-featured-315x165.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56578622a38706e267d73c827e0c19b9485c6b4327e5660d7e62fc4d51158c64
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17334
cf-polished
origSize=10758
strict-transport-security
max-age=15552000; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10164
x-xss-protection
1; mode=block
last-modified
Fri, 12 Aug 2022 08:04:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"62f60988-2a06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvyh37O%2BYs%2BIu%2FxafskJe7XyyJRLiyyDEWZylNCzMmHJJGa5RfuBQiPk7QajMOYQVXoDusEcgK14O2IrAT9LfxavpdKT6sZcUL07baKmKCyWfnB9hKPBg07pkob4Oei3"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
739e52e30f8180e7-NRT
cf-bgj
imgq:100,h2pri
276643-featured-315x165.jpg
www.onmsft.com/wp-content/uploads/wordpress-popular-posts/
8 KB
9 KB
Image
General
Full URL
https://www.onmsft.com/wp-content/uploads/wordpress-popular-posts/276643-featured-315x165.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2694cd2de3efe91fe1085c6ea8bb1a5a34f0b5800831651df121f4f4bc8e9909
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17334
cf-polished
origSize=8534
strict-transport-security
max-age=15552000; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8074
x-xss-protection
1; mode=block
last-modified
Thu, 11 Aug 2022 05:07:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"62f48e96-2156"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BiguzpPyC4glS4xbReqtYCduJOKhkrqMax6ShuEXmIedMemIwNphp3YJQKDMA8bn3ZZIKbVH4zVABqxer4DJPermkEXBo%2Bar5oMT3JSNCTcJaHTqd5dTfrLWgzOBe1d"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
739e52e30f8280e7-NRT
cf-bgj
imgq:100,h2pri
276601-featured-315x165.jpg
www.onmsft.com/wp-content/uploads/wordpress-popular-posts/
14 KB
15 KB
Image
General
Full URL
https://www.onmsft.com/wp-content/uploads/wordpress-popular-posts/276601-featured-315x165.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e6d2580c7099f9f441291075c74e11c818bbe21379122284e6560dec408bbfc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17334
cf-polished
origSize=15326
strict-transport-security
max-age=15552000; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14380
x-xss-protection
1; mode=block
last-modified
Wed, 10 Aug 2022 02:07:09 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"62f312cd-3bde"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4L2bJxFt0I0uH5aJEGs%2BiUJoZ%2FNrKMrW9TsqQTfrjUu6BX71mQ08lHU5pq5zmTRsGFtaQEzsPqPlDk%2F8ianj7PTafHvq78fPQPkDW5dyumBbXNiaxge1vsJ2dEmYDDhg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
739e52e30f8480e7-NRT
cf-bgj
imgq:100,h2pri
276785-featured-315x165.jpg
www.onmsft.com/wp-content/uploads/wordpress-popular-posts/
10 KB
10 KB
Image
General
Full URL
https://www.onmsft.com/wp-content/uploads/wordpress-popular-posts/276785-featured-315x165.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2293ae3cfba69a26b756fa75acad40468ae1e54ac62a2c7edb7b5e1ee09692cb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17334
cf-polished
origSize=10377
strict-transport-security
max-age=15552000; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9836
x-xss-protection
1; mode=block
last-modified
Fri, 12 Aug 2022 11:04:25 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"62f633b9-2889"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJGZ4uLovZW%2FpBOmuajKN0WqRdpF7%2BEabv%2BBhMznu74JYAwE6CbW3BAXvYgeyNjDoJFDnW30VJMMFyvTQx%2FcXTe0dIbmO87yciEo6VAPcMgwFF90NMSVVxU4wrvFCKFJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
739e52e30f8680e7-NRT
cf-bgj
imgq:100,h2pri
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A4AB
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
78417
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 05:35:02 GMT
expires
Sat, 12 Aug 2023 05:35:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CF83
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
56b41bac5bba7fe14c8ae5d00170eed4e558320af009865ba55b8b1936dab1ea
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7Rpg5enpFYnoIi8PimZ2gQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-7Rpg5enpFYnoIi8PimZ2gQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 03:21:59 GMT
expires
Sat, 13 Aug 2022 03:21:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame A4AB
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:52:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
329365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:52:34 GMT
clarity.js
www.clarity.ms/eus2-b/s/0.6.39/
53 KB
23 KB
Script
General
Full URL
https://www.clarity.ms/eus2-b/s/0.6.39/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/3vjoryfbqq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1666 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
br
etag
"1d8aded9e2caaa1"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
01xj3YgAAAABe2fwAHLdlSIVUIqxaduCoS1VMMzBFREdFMDMxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A154E85478F14166AAF54B23048B3E21&RedC=c.clarity.ms&MXFR=23341CE4EC5267AB14F00D1BE852696F
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A154E85478F14166AAF54B23048B3E21&MUID=195BE5D44B0764A6224EF42B4A5A65EE
42 B
443 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A154E85478F14166AAF54B23048B3E21&MUID=195BE5D44B0764A6224EF42B4A5A65EE
Protocol
H2
Server
52.231.207.240 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:59 GMT
last-modified
Thu, 28 Jul 2022 17:59:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"ef5691daaba2d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 68556616C15643ADB6D786FC40422A31 Ref B: TYBEDGE0814 Ref C: 2022-08-13T03:21:59Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A154E85478F14166AAF54B23048B3E21&MUID=195BE5D44B0764A6224EF42B4A5A65EE
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame CF83
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081001&jk=3215188679422792&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame A4AB
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?tCCX6A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012207221643000/ Frame 742B
220 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
385433
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61462
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"006401e583f0e23c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:06 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 742B
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
385433
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5196
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bc8caad49b08d8fb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:06 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 742B
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
385433
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28864
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"14e9be8f3cf5efda"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:06 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 742B
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
385433
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fcd376918b45715d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:06 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 742B
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
385433
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12959
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fd6c62727a90c1dd"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:06 GMT
css
fonts.googleapis.com/ Frame 742B
8 KB
893 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 03:14:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 13 Aug 2022 03:21:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Aug 2022 03:21:59 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 742B
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 22:04:41 GMT
x-content-type-options
nosniff
server
cafe
age
19038
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
15880770647744369592
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Sat, 13 Aug 2022 22:04:41 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 742B
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 18:56:09 GMT
x-content-type-options
nosniff
server
cafe
age
30350
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 13 Aug 2022 18:56:09 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 742B
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CHmt21xj3YuqED_SJ29gP8IW60AKQkJ_ga5W8opruD7CQHxABIPub1UlgifPFhPQToAHhgejXAcgBCeACAKgDAcgDCqoE8gFP0FDSrkpV-TCfkpg-GJ4-hA3yjkRsgIrLstS94MXg65rJedTSNHepZb9tyJwz0Z2buWBsmV7nnWOa_CAee1X0Tshz5HFUsp01zztVPEUtX8qPm7ZKj7zIYPwjCATVG_qSu0u7D1ymHI3hhF9x2HYYe4Pywp1tMBU4jacLUdnYfHJ3HkEiyF_g96MzDuPbfQM5pTiUvvnX9JDQcWSJRiMIjHZn0MY_-uL-rpF5mehIUi0vnOhnuEMwDvAAM2Nz_-fZufGmule2nCFtCHgGYmpgz4iQz8y9jWa5WtD5dml-4b1UdztUxGBHEip1idSFi9yUwsAEvJb4vPkD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4f-l6gCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQiK0H0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi0xMjYyNTQ0OTMwNTg1NzkwgAoDyAsB2BMMiBQF0BUBgBcBshceChwIABIUcHViLTU4MTIzNTczNTIzMzUwNzUY26Ih&sigh=HwE6Th74m10&uach_m=[UACH]&template_id=5000
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

container.html
08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 21CA
6 KB
3 KB
Document
General
Full URL
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 03:21:59 GMT
expires
Sun, 13 Aug 2023 03:21:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 49D9
6 KB
3 KB
Document
General
Full URL
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 03:21:59 GMT
expires
Sun, 13 Aug 2023 03:21:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.jp/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=www.onmsft.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.onmsft.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
49 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3215188679422792&correlator=1985645216914612&eid=31068922%2C31068927%2C31068929%2C31068942&output=ldjh&gdfp_req=1&vrg=2022081001&ptt=17&impl=fifs&iu_parts=154013155%3A22522311865%2C1023788%2C71908%2C1023788-71908-bottom_rail&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x6%7C728x90%7C970x90&ifi=7&adks=511371740&sfv=1-0-38&fsapi=false&prev_scp=pos%3DFIXED%26slot_id%3Dpw-oop-bottom_rail%26refresh%3Dfalse%26amazonBid%3Dfalse%26custom_path%3DROS%26lld_id%3D37a0bb34148d4e8da1d984ec781ea38860919150%26hist_viewability%3D10%26price_floor%3D0.15%26in_view%3Dtrue&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26sitecont_cat%3Dgames_hardcore%252Ctechnology%26hb_test%3D2022-07-08_b%26hour%3D3%26day%3DSaturday%26OS%3DWindows%252010%26browser%3DChrome%2520104%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.5.24%26kver%3Dv1%26ab_test%3Dna_A%26ad_clicker%3Dfalse%26got_consent%3Dtrue%26page_focus%3Dtrue&sc=1&cookie=ID%3D0e92d614cd1d19f3%3AT%3D1660360919%3AS%3DALNI_MYlFFmd48RTaMzLzMASOM0BH4JIRg&gpic=UID%3D0000088d7fe9374c%3AT%3D1660360919%3ART%3D1660360919%3AS%3DALNI_MalCWB3EhQMPr8CYEgfAE5aHcSv2g&abxe=1&dt=1660360919801&lmt=1660360837&dlt=1660360915751&idt=1312&adxs=2000&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.onmsft.com%2F&frm=20&vis=1&psz=4000x5800&msz=4000x90&fws=1540&ohw=4000&ga_vid=1533648303.1660360917&ga_sid=1660360919&ga_hid=340891715&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
cafe /
Resource Hash
319db53f1824a7c636216b098e6d36652e7612c6db399562968a11dd98450f72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11944
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/16943532509819301523/ Frame 742B
24 KB
24 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/16943532509819301523/downsize_200k_v1?w=600&h=314
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0803eee048c3034aacd424103c8de780a0922bcc07f863c8db29540b32142a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 09:03:18 GMT
x-content-type-options
nosniff
age
411521
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24985
x-xss-protection
0
last-modified
Sun, 26 Jun 2022 12:32:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 09:03:18 GMT
truncated
/ Frame 742B
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 742B
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 742B
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd014c50668d43b8360d217eb3916e82336ecb1958a2495584d379617327d568

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
0.js
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.82/ Frame 21C0
319 KB
103 KB
Script
General
Full URL
https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.82/0.js
Requested by
Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?ssp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:9c:800::11 , Taiwan, ASN38033 (YAHOO-JP2-AP internet content provider, JP),
Reverse DNS
Software
ATS /
Resource Hash
415522d8ed63727924c2a9dcfe8ee62e86d97f0860aa9d73103efccef9e6c969
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 01:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
784728
x-amz-server-side-encryption
AES256
x-amz-storage-class
STANDARD_IA
vary
Accept-Encoding
x-amz-request-id
B09DMAPDVB1AV5Z0
x-amz-id-2
4rXXiYmlZmQdN+bZJIdS+bA/C/hXuRIxMBn80Xdkf0CHmx2zp8MvvQh+2ObB2mn6G5kQ0sV0VS0=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 Oct 2021 12:07:18 GMT
server
ATS
etag
"ad866575d644f8b5c5d7a56ff730d7e3-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
x-amz-version-id
null
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-type
application/javascript
impression.gif
trk.vidible.tv/trk/ Frame 21C0
0
67 B
Image
General
Full URL
https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=56bcd17ce4b018167fea5539&s=true&pv=10.2.82&ifr=true&cb=0.6493249668925072&pt=o2unit&sid=0536cf9d-89ad-4794-805c-b78387c7a119&r=https%3A%2F%2Fwww.onmsft.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.103.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-103-248.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 742B
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.onmsft.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 08:54:28 GMT
x-content-type-options
nosniff
age
498451
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Aug 2023 08:54:28 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame BF4B
448 B
271 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CInlNxCTpK4BGKSApEowAQ&v=APEucNWmNhdYstv1WfabriC7TJ9VX2jBYIrkt0Vb-Uhocea7QOE_YauuwD5zLrdonVt6jhTCC4nTMXIX3B5lfHs4iYhY8M7xQQ
Requested by
Host: 08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
URL: https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
248
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 03:21:59 GMT
expires
Sat, 13 Aug 2022 03:21:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 49D9
27 KB
16 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CrHliq-W00De6S4s-glYkriBiLVXAb0T4IXbTz13IlJGi0ljD3ODVyU9O1a95ci41RxK92o7WbGJNmSAcEBGZx9x-NUmSY5V2koRee8FJNeIOZ7252u2p5icrTrXjnrUYfs99PiCU_Nl5K6xd7MkGOOriogQ&cry=1&dbm_d=AKAmf-DN6YvtZVIUGJnMKhsvwR4L50Vrv5U3GiOR7K5tz4vWlYPoG29oflUyW3Z3OOdrQqrgULllClPnSQWlGs7VeYO9Yt-5_o6jpFcE51RFnFRsts3USXfzAfZtgnEnrtB0iV5yVw-LOWOr3bpe1x0uFsJCaHs_DtnjZMECnmHPPOGlzEx3M10x2gVV6kAkNWJ7Ah5pMQRKca1hv1pEVb1UQT0hMcF0Ue4g9pxr8stHivEK9bwTLr6ztBTxhcnUT2ximbboZ9FB6TtPyegAE5p2vLQ5a8t8_Cibwex0f-RBAT_-vqHhFj1jVG1yx6G12fbfAsnOn37yowS6pLdbg4n2NWy05eG7w0tJbjj8wUkJpRIdzkFbM_8qW6zqYaCrKYkiCrJcCTLYJXwvwi77MLuYcCMEoRuF4xZzoPl4qWqFn-D0j3a1Z2htu3KMbLQ-gw28ml3MShqaTUuc2Obpe_KV2W-8qgtkxeY9_HqJ7wBFZOKhL35sFaXl3e-e8lpUjkj2w-KwW5qaRbcNFSzjz6LVlGFcMc2ZMpQNnCKRajEwTrsEYJObagAVrMQQtdnLtqvnopN1dhATQ_V0DAeb8tN2XYxK02Nr6HH_l71tsFO85osUKdiy4AUgx8PP2KN3caUaVe0u8txoeVBOtDG-Pr1eYZWkg2BpCBtZhxnuGWvysnJ48zIO6Et59N08tVyWfyCTZGZ-GjWwJRbaZRDlVxgOvqf2ENP7AJg6Mgu_KW9KfZOZaSHaNhDLUqw--8Fy2yMxIVqBDAHSyjhe-6GpnwzuKk-QwBAFnUFAPpUH7m-FNRVEdokgOPnXoIx4J_nqLQnOGg5eQ6Fva9YBjd0CVKGQFvv4kSQlg6f_AGsqIzpw0y75ra75xFC9s-DDDdlWV7j86m5sZVRHAltbZK9FVS8NOtGj3jrDbNd7OuEh1_5Vtn0v_Su_jwRIA840CCk3T3tBvsK3pSZk3o3LDva2eVGpmNd19AnI7FZZIB9p3q2Fb1Zt-4xM3uzxggCpAvfokBVPnY3jTbSAy3MI83e5zonTPeygi3pEDcVVMfumNjDz3lHS4_qojTBINqVubVGw_ICvGyYPSHp5CBCDr4BQvY2AdKWCoNF72DsQNMpFh0_HjEkCSf4kfVABIv0CirkTBHDf7jpnHLWnZvEs9y1WRFXQ5jjs7gWss7-baJSNqlRb_ClltM04J97Apv_KeF6Fes9psKKKejSe8w3HCOXzNUAm0JmQgVblhqhJ-Y5YLKHWdcKZPk_zLmhANcihg9r_q0wfhCQqY82wks02OkdUUr_x4CDUMuz7i9xcG1R3g4m7a4g1qjYo4V2X-aBplZ1QgphuYfhZpKqElZh33xqVyxVxurQx2WfrbKkTF71HTe4mAORqTncLsv88kbu8cVJJxnCl7iRREVt6Wam6sHV6e-H5ek2RHzl_lSsp69qQ7O8V380KVzx-UI9f3MX_1HS67b1oA9ycQWqkWb2WSwQeFboo5pziWqGDozvybQuqY3lTJQDAwJSX8LRM4E2wUJ8gCB_JvYbgSVZGTSUF9C93uOodlzFyJyyL-V0L5SrzAyKH3YO5aMlR4Ri5z5C7O0G0oQlYjNlwwWuof9QrntUKJED3tps4w0KxJjwCShwOA58VkYMq1xgLKdQqKQPz4Qh3Nhux8u3sWaUF6rJ8AXX1MdP22iNbn4TSgLeUG0TSbvNA1fLyL4Dp7rMVbNqpsDl81Ee0rdK-UmJxTFrOTHA8I54LjPaoFV4PMZCoEFYbXUPMlX16tDJg7PCKQEcRltyt9ctFv4x2TCfbcYTMlXfwD2EFKAy1dI7FF-C6b8JblueOwUjjUGUR9-m2y2LVuRppCYa206sYakRARLJWyPYw0xcuX4cNWYGUYJLVCiV52TyC8aKJGLmpoaWp1gLmEDKB0_q86W2MLA-xZ1k2S0Z62-UjUyNTXCKwDXG4ufKM8KflW0MJamHLBEDYpsVVPtDZUBsTaFJyi8hv8GptfLatPOqE0jyErb4nHQQQF9u2v9WpDSAmCYcWagz9CHw7yWukhFittSIEqhRL9Jl0Ss5oaiNtYFW6ho6hnmyW9xXT7CfjGfo7WC2um9tg0KUPByYerJkr4bNhgNT8It28NT6jkrqG--7fUKsg_AZY9ndhkAG6Gb6R7LFnBD2koxT8Vs0AeV0cQt_2zhoDESRt3vyPSaMwbPLP_2smDPlFdlbrhNlIF7Z8hFu9ZI3AMHauJq_CdU2iw3T8PfHty40fLeatlHinLHZ92Xb_DXgDNnKzESolkQezqxHkwekOVHoLbJ4tVQvZlqg0RnP2EFifC4hpKtMVQqr0Lf7OeLdcWvTaUjBFpysEfpgdOSPjnfNexD5ur3n7j9R3EWedzcuK_Mlbz8UxRBdpPeZ_6tq1wVn702gsTTbaxbOujWt4OjPTImBjCJYh_PeBEOdVijEg3-fOFUCD1MXeI08F7myX1M9r1H0-EMGRPRZGMA2qs5C65djJR7mQqTB0LrYqALZoCotVn7E760luDIIhQhcRW-O56SbcG4KsH5dr8qV-H7QPOkFdEgPiEYXhHgd0Shjo5OGEYFmn_5L1B2Hh9ldC35dsZgUW0WXTidR3uEkGgmMkc4yl9u_BMAbuxlcDht9xvL8uLtMYwMU0jKDz2x4WP5Wm-f-s-q-2rsco3ZmiYnr_DfdCisFkoBtr6g6odGtymau02v5HUh4ERJtPMhXJcH-WpdRVxJph07FjIHbUcPvWUXYl6VxFGjannpnAJl6Yzn515saFALVlbo5k86O__6EwYK5l-vwPX0CFez3PFoTdXUJY7MXcFKzJjqxznvrdgjrAfseBTwz87jw0t4LzerU-vB21C8X_crmFAI5YT0uZMoQuEOu08iIBNSrnHFTRDS8KIGYqXwdKqW3ALP1f-I3kwOKINBgz4TPLfgRrJ77XXtJKdaf5eGZ0_AukiGY-_rgeybHdMydt1x3ctfhYwoKnVZ32RhFMP3IGAboPyURPqmTeYGe68cToyz8T18mCVi3poQWr6xC-gsbhFr5b2bJar7eq7aLzyZ3YtZ4-whqNalb0mL4Ms5T10Lpy_rKe4VB_4ad798vtoQuQGpyhhjFUFspA3PLzVZ3Hs1ZD4ab4XY9bF7jUgqWRTgxwP2NZ_hAN1EVH-peTT8Shq13iiKuMPTuTlcafdlFeBiQs0zTH3h20PxE_ITzVhPTrhKTWhiC1DQxyrSWheo-l-_X4ypKOr50QYB7QNc8EJVQ&cid=CAQSLQCsnQUxUMBr40wcAwLo1q6q7Hw1BbN2IdB8WSJ6wMDfLb2trCJ2wn7Cq1m8_w&rfl=1%2Chttps%253A%252F%252Fwww.onmsft.com%252F%240
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05df3b5cb8720fe729798b11e4a91b12627f121b516fb692128b8fc5e03b9aa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16684
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 49D9
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CogbdSFnd6c0I9-z6TAsr2DLROlvq4qIUJ6-G8qIGThwVtgLZQazy1CSwHq51JvxNrCBKxYuhWZOMguWU2VOlGvz55Io9Zi9RxrBHfTN__MkBeMkI
Requested by
Host: 08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
URL: https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 49D9
23 KB
9 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
URL: https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 02:40:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8749
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 21:33:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 13 Aug 2022 03:40:31 GMT
beacon.gif
atm.im-apps.net/a/ Frame 49D9
43 B
240 B
Image
General
Full URL
https://atm.im-apps.net/a/beacon.gif?cid=1001099&c1=dbm&c2=39696094&c3=https://www.onmsft.com/&c4=10137540
Requested by
Host: 08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
URL: https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.216.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.216.120.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
src=8731124;dc_pre=CMKt1LbuwvkCFUxdvQodFaAMzA;type=invmedia;cat=3920_0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/ Frame 49D9
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=8731124;type=invmedia;cat=3920_0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
  • https://ad.doubleclick.net/ddm/activity/src=8731124;dc_pre=CMKt1LbuwvkCFUxdvQodFaAMzA;type=invmedia;cat=3920_0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
  • https://adservice.google.com/ddm/fls/z/src=8731124;dc_pre=CMKt1LbuwvkCFUxdvQodFaAMzA;type=invmedia;cat=3920_0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
42 B
63 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/src=8731124;dc_pre=CMKt1LbuwvkCFUxdvQodFaAMzA;type=invmedia;cat=3920_0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
Requested by
Host: 08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
URL: https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://adservice.google.com/ddm/fls/z/src=8731124;dc_pre=CMKt1LbuwvkCFUxdvQodFaAMzA;type=invmedia;cat=3920_0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 49D9
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: 08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
URL: https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 03:20:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 49D9
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
URL: https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:16:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 03:16:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 49D9
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
URL: https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 03:22:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame CCD3
448 B
271 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnLQRDu7pXaAhj-uMzBATAB&v=APEucNVZ0LDjSJa-czculX6ZES-zK7mT-8Z4rDwGoTmWTA5-9D_dGOLgEN_lp0CL6kqI3qUXqmGbF6JgtTV0y_1Prbr-65IVgw
Requested by
Host: 08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
URL: https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
248
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 03:21:59 GMT
expires
Sat, 13 Aug 2022 03:21:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 21CA
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite_fy2021.js
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 03:20:07 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 21CA
6 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d4f6e28cf855271fabcd5fccb24e71ef842e3ffa3c33795d9ddd9d3a1e3a46b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 02:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1985
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2640
x-xss-protection
0
server
cafe
etag
4024001306453174559
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 02:48:54 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 21CA
0
110 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-GwtbMQE3bQIyljfRm5OadN6t7zWU2o4xJ-fVqxNSYkGhCRGjdZ4YIDvhIecKpJ2gSzFgy-UWIPjtF-gmeo8rDeRw296Dwl6KbRQi8i2l_wWBButfZmdt3xPfek_W4NLKt2oDLaKP7ou_q03q-vvc44LBKrPiV3rRDvVkcUyyuBxJPIEkyGuyHaL_bB7SsbsZtVu2ByXlfOYBzZ2VXoyCWyJrODnBJ8SnG8qYgmz9_iBStaHvi8qv48ybtdekBGhafa0JF9WI5BGavghhZc1QXiwpf_Qw6jMTzWFTe7SxA5xj6ykFSolrH3ffXFIxqqatMaDgc3Xq8j6EKRJwPeuJVfoog3ic8FcQRle-LQbQmCsrjQj6meF2JWA6o55gM6pznuzpcfCECMH4cqLUa534z3XU7D6rHBXuLRGSzPHmubkvXFVEQI8df2jqdm2JjAwoTaX1W7xuMcK3VFXuG0tIvoZ9l-pyAUWWdkXPMviyrfce6MdikwZhyBeuvTM6fw16X62fFT-OJ5Ez0RIYoSk54fa4zJkE8nlDD1FefJhGvWgxRR43TZyXDppyOP0a616wIy4AuGtyhgvpwvnm088ZZgiif_eBkZO4FI3qBh_8jsOTSptqf7egw7gpVdhTMKaUKIiD7UGtoQ1eC1J3xC-L9Ne4l31SZu6t3nr2iZjtautgLHs_JrssIZCiyHswfa29N6hR57DDyEbcUp-TtaygRECSGQlwB2Cb2AC_5JrPNqGVbGjy1EhKV3cTF_OCIXPQIDeqKl5_V3-cvxliCfUgcifyKgb3hI2RRMeafaQEAim93NBlvB7fDTm7B3JCsm4tUygkbJt6GYPqqvc1jMm_vNFOg4YwtT2zrXr9yHy2LVTznwTMaxPYUIUROViiBq3Cex4lJhzItAPDpsFvrb1kX61544o0J427BS9tMRdQY5aSBu4IMyUiItam9A4J2tbs-yhnDPwU7yjgSXMTnzq6vLyq1PL7Jomvp-HQdci-XTItV4I8VtSRNBHrMKmNkC37vQgqFqWmHJihszFCTbuSISkHxCsW5JuXLUAafrUw4dKOYB0xyqBR73OgWxyla_51vBst8n-Fsk0Wz-vaiN_SaumxiI9oNsZIVKFH8n2sE45XQYkxUNtQ1Y_XXWUvk6FtIbeotjSDiDPeHE2dKA5JnBvaZNBcu89FZ0Gkz7_r3WJPkmJRVQ1CJnhwdokRbF_Uo8oJ-suNNlHocufqHHmY_0xm&sai=AMfl-YQpCQwpHJYrfT6-lF-1D5qqvVS9QuWT-ersMA9OdZxzm6A8nJkSN6lJP9swkdO9GJ1hTI6ypeFmZfSy2F2ihvhRgIWPVrec0we1McG4P5HqUgFk5KKEgPgdtsA_cfjUImk2q-QP0mbs8IU9pBNDEo6g6PJXQybVrTClXo6SXoP0SnS4KMapHcgwkAy73FUvKpr1qteY9Uj801PxxdcBaozlYK3ZnoJVTfRuCyy-xooZNWIRlsLcSf448F_iMjsi893zWyWUTweF87ylrs_2e8J6lSyPeomz6M_eSUqLx1WK3mmTycipJocpPHY&sig=Cg0ArKJSzG6cVMuyPZYeEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220810.12643&adurl=
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 13 Aug 2022 03:22:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 21CA
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 23:16:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
446753
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Aug 2023 23:16:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 21CA
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A3AjAp7JtCAnU8F94O_nXtUTE7knKY4-A6zrIxfRCPFjO7FZK3_41Gr32ZS6NGkprKF-mxLlCetBG42cZ7SuVZ-UY9ZYEibnt3R3h8soVZJd8D-Ns
Requested by
Host: 08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
URL: https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B26546237.315508380;dc_pre=CIGq1LbuwvkCFdoHXAod1FwGzA;dc_trk_aid=508209432;dc_trk_cid=158844906;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N510008.279382DBMMEDIACOMSINGAP1/ Frame 21CA
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N510008.279382DBMMEDIACOMSINGAP1/B26546237.315508380;dc_trk_aid=508209432;dc_trk_cid=158844906;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatm...
  • https://ad.doubleclick.net/ddm/trackimp/N510008.279382DBMMEDIACOMSINGAP1/B26546237.315508380;dc_pre=CIGq1LbuwvkCFdoHXAod1FwGzA;dc_trk_aid=508209432;dc_trk_cid=158844906;ord=[timestamp];dc_lat=;dc_r...
42 B
63 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N510008.279382DBMMEDIACOMSINGAP1/B26546237.315508380;dc_pre=CIGq1LbuwvkCFdoHXAod1FwGzA;dc_trk_aid=508209432;dc_trk_cid=158844906;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: 08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
URL: https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.42.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:59 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N510008.279382DBMMEDIACOMSINGAP1/B26546237.315508380;dc_pre=CIGq1LbuwvkCFdoHXAod1FwGzA;dc_trk_aid=508209432;dc_trk_cid=158844906;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 21CA
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: 08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
URL: https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 03:20:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 21CA
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
URL: https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:16:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 03:16:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 21CA
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
URL: https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 03:22:00 GMT
17706656174712071943
s0.2mdn.net/simgad/ Frame 21CA
14 KB
14 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/17706656174712071943
Requested by
Host: 08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
URL: https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dab14f865c30fab8ebd789abe94ce37ec4ddf6271a96cdc2db3ea9cc01eb8517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 05:56:08 GMT
x-content-type-options
nosniff
age
422751
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13996
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 03:01:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Aug 2023 05:56:08 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FB2B
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
322441
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 09:47:58 GMT
expires
Wed, 09 Aug 2023 09:47:58 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
pagead2.googlesyndication.com/bg/ Frame FB2B
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:03:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
328739
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14301
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 08:03:00 GMT
pixel
cm.g.doubleclick.net/ Frame BF4B
Redirect Chain
  • https://s-cs.send.microad.jp/cs?key=google_1
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInlNxCTpK4BGKSApEowAQ&v=APEucNWmNhdYstv1WfabriC7TJ9VX2jBYIrkt0Vb-Uhocea7QOE_YauuwD5zLrdonVt6jhTCC4nTMXIX3B5lfHs4iYhY8M7xQQ
Protocol
H2
Server
216.58.220.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s30-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 13 Aug 2022 03:21:59 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
strict-transport-security
max-age=31536000
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
*
timing-allow-origin
*
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length
0
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame BF4B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHh_iZ8_yA_tqFd5mWZ6tFk&google_cver=1
43 B
900 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHh_iZ8_yA_tqFd5mWZ6tFk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInlNxCTpK4BGKSApEowAQ&v=APEucNWmNhdYstv1WfabriC7TJ9VX2jBYIrkt0Vb-Uhocea7QOE_YauuwD5zLrdonVt6jhTCC4nTMXIX3B5lfHs4iYhY8M7xQQ
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
739e52e6cd6f80b7-NRT
pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6APwOGPw4I6v3dHF4DSWaXZL6U%2BLr6MS89TU3N%2Bytu0cTWhfWneMHj1c8D0%2FSaNUUG8vkPVPjSg1i4lpz2%2F5ls7%2BdhABaqEqcDReAncVvenf71AgVwPyYnJNUDlDkkwt3xRea8rbqB7cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHh_iZ8_yA_tqFd5mWZ6tFk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BF4B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://r.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvcY17Cq6TOXz9UsYoHfIwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHh_iZ8_yA_tqFd5mWZ6tFk&google_cver=1
43 B
904 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHh_iZ8_yA_tqFd5mWZ6tFk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInlNxCTpK4BGKSApEowAQ&v=APEucNWmNhdYstv1WfabriC7TJ9VX2jBYIrkt0Vb-Uhocea7QOE_YauuwD5zLrdonVt6jhTCC4nTMXIX3B5lfHs4iYhY8M7xQQ
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
739e52e6ad4780b7-NRT
pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8%2F9Yjz%2FLYJdjRcIS33Xu30LP3r0tJueL79aEszcjXPDQZ2yzRJtDT%2FWhkHR5TPY%2FWg7BWsK%2BU%2BKXN4h2Ml08gg%2FdXwk8nnGCAUh3vSgbdCAoIn3ZFFzcWwGgXlgS1C9nflPyiGW001M1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHh_iZ8_yA_tqFd5mWZ6tFk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CCD3
Redirect Chain
  • https://s-cs.send.microad.jp/cs?key=google_1
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnLQRDu7pXaAhj-uMzBATAB&v=APEucNVZ0LDjSJa-czculX6ZES-zK7mT-8Z4rDwGoTmWTA5-9D_dGOLgEN_lp0CL6kqI3qUXqmGbF6JgtTV0y_1Prbr-65IVgw
Protocol
H2
Server
216.58.220.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s30-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 13 Aug 2022 03:21:59 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
strict-transport-security
max-age=31536000
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
*
timing-allow-origin
*
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length
0
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame CCD3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHh_iZ8_yA_tqFd5mWZ6tFk&google_cver=1
43 B
936 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHh_iZ8_yA_tqFd5mWZ6tFk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnLQRDu7pXaAhj-uMzBATAB&v=APEucNVZ0LDjSJa-czculX6ZES-zK7mT-8Z4rDwGoTmWTA5-9D_dGOLgEN_lp0CL6kqI3qUXqmGbF6JgtTV0y_1Prbr-65IVgw
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
739e52e6ad4480b7-NRT
pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Frkx111C4X5utikei2ZbBf5t4tLrzsUTrcYEW%2B2AFExxG5CBbka%2BoZCTOmeAgH16swL%2BABxOjWGuEfQi%2FDGFEp9ba3SiOQeTOfKRBpMrBB1ZH19N3uHqIFHz5hQa%2F1vrlAQNMY4le1vZCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHh_iZ8_yA_tqFd5mWZ6tFk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CCD3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://r.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvcY17Cq6TOXz9UsYoHfIwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHh_iZ8_yA_tqFd5mWZ6tFk&google_cver=1
43 B
897 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHh_iZ8_yA_tqFd5mWZ6tFk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnLQRDu7pXaAhj-uMzBATAB&v=APEucNVZ0LDjSJa-czculX6ZES-zK7mT-8Z4rDwGoTmWTA5-9D_dGOLgEN_lp0CL6kqI3qUXqmGbF6JgtTV0y_1Prbr-65IVgw
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
739e52e6ad4c80b7-NRT
pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WP8BDy3OmZr8EW4tPBvglOnNW1MrT8oKzodhI4GzH3nNLpYP0Q%2BLaVQRAyzxzbARj8Ihx9jAKgffC8aOjMVfoq2xl7OJ28C3xHljfBWOI55vwBnqMuDbNP40Y%2BoWi68LP2zFP5bGDRhl7g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHh_iZ8_yA_tqFd5mWZ6tFk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 21CA
0
575 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-GwtbMQE3bQIyljfRm5OadN6t7zWU2o4xJ-fVqxNSYkGhCRGjdZ4YIDvhIecKpJ2gSzFgy-UWIPjtF-gmeo8rDeRw296Dwl6KbRQi8i2l_wWBButfZmdt3xPfek_W4NLKt2oDLaKP7ou_q03q-vvc44LBKrPiV3rRDvVkcUyyuBxJPIEkyGuyHaL_bB7SsbsZtVu2ByXlfOYBzZ2VXoyCWyJrODnBJ8SnG8qYgmz9_iBStaHvi8qv48ybtdekBGhafa0JF9WI5BGavghhZc1QXiwpf_Qw6jMTzWFTe7SxA5xj6ykFSolrH3ffXFIxqqatMaDgc3Xq8j6EKRJwPeuJVfoog3ic8FcQRle-LQbQmCsrjQj6meF2JWA6o55gM6pznuzpcfCECMH4cqLUa534z3XU7D6rHBXuLRGSzPHmubkvXFVEQI8df2jqdm2JjAwoTaX1W7xuMcK3VFXuG0tIvoZ9l-pyAUWWdkXPMviyrfce6MdikwZhyBeuvTM6fw16X62fFT-OJ5Ez0RIYoSk54fa4zJkE8nlDD1FefJhGvWgxRR43TZyXDppyOP0a616wIy4AuGtyhgvpwvnm088ZZgiif_eBkZO4FI3qBh_8jsOTSptqf7egw7gpVdhTMKaUKIiD7UGtoQ1eC1J3xC-L9Ne4l31SZu6t3nr2iZjtautgLHs_JrssIZCiyHswfa29N6hR57DDyEbcUp-TtaygRECSGQlwB2Cb2AC_5JrPNqGVbGjy1EhKV3cTF_OCIXPQIDeqKl5_V3-cvxliCfUgcifyKgb3hI2RRMeafaQEAim93NBlvB7fDTm7B3JCsm4tUygkbJt6GYPqqvc1jMm_vNFOg4YwtT2zrXr9yHy2LVTznwTMaxPYUIUROViiBq3Cex4lJhzItAPDpsFvrb1kX61544o0J427BS9tMRdQY5aSBu4IMyUiItam9A4J2tbs-yhnDPwU7yjgSXMTnzq6vLyq1PL7Jomvp-HQdci-XTItV4I8VtSRNBHrMKmNkC37vQgqFqWmHJihszFCTbuSISkHxCsW5JuXLUAafrUw4dKOYB0xyqBR73OgWxyla_51vBst8n-Fsk0Wz-vaiN_SaumxiI9oNsZIVKFH8n2sE45XQYkxUNtQ1Y_XXWUvk6FtIbeotjSDiDPeHE2dKA5JnBvaZNBcu89FZ0Gkz7_r3WJPkmJRVQ1CJnhwdokRbF_Uo8oJ-suNNlHocufqHHmY_0xm&sai=AMfl-YQpCQwpHJYrfT6-lF-1D5qqvVS9QuWT-ersMA9OdZxzm6A8nJkSN6lJP9swkdO9GJ1hTI6ypeFmZfSy2F2ihvhRgIWPVrec0we1McG4P5HqUgFk5KKEgPgdtsA_cfjUImk2q-QP0mbs8IU9pBNDEo6g6PJXQybVrTClXo6SXoP0SnS4KMapHcgwkAy73FUvKpr1qteY9Uj801PxxdcBaozlYK3ZnoJVTfRuCyy-xooZNWIRlsLcSf448F_iMjsi893zWyWUTweF87ylrs_2e8J6lSyPeomz6M_eSUqLx1WK3mmTycipJocpPHY&sig=Cg0ArKJSzG6cVMuyPZYeEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=78&vt=11&dtpt=77&dett=2&cstd=0&cisv=r20220810.12643&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:22:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 49D9
30 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CrHliq-W00De6S4s-glYkriBiLVXAb0T4IXbTz13IlJGi0ljD3ODVyU9O1a95ci41RxK92o7WbGJNmSAcEBGZx9x-NUmSY5V2koRee8FJNeIOZ7252u2p5icrTrXjnrUYfs99PiCU_Nl5K6xd7MkGOOriogQ&cry=1&dbm_d=AKAmf-DN6YvtZVIUGJnMKhsvwR4L50Vrv5U3GiOR7K5tz4vWlYPoG29oflUyW3Z3OOdrQqrgULllClPnSQWlGs7VeYO9Yt-5_o6jpFcE51RFnFRsts3USXfzAfZtgnEnrtB0iV5yVw-LOWOr3bpe1x0uFsJCaHs_DtnjZMECnmHPPOGlzEx3M10x2gVV6kAkNWJ7Ah5pMQRKca1hv1pEVb1UQT0hMcF0Ue4g9pxr8stHivEK9bwTLr6ztBTxhcnUT2ximbboZ9FB6TtPyegAE5p2vLQ5a8t8_Cibwex0f-RBAT_-vqHhFj1jVG1yx6G12fbfAsnOn37yowS6pLdbg4n2NWy05eG7w0tJbjj8wUkJpRIdzkFbM_8qW6zqYaCrKYkiCrJcCTLYJXwvwi77MLuYcCMEoRuF4xZzoPl4qWqFn-D0j3a1Z2htu3KMbLQ-gw28ml3MShqaTUuc2Obpe_KV2W-8qgtkxeY9_HqJ7wBFZOKhL35sFaXl3e-e8lpUjkj2w-KwW5qaRbcNFSzjz6LVlGFcMc2ZMpQNnCKRajEwTrsEYJObagAVrMQQtdnLtqvnopN1dhATQ_V0DAeb8tN2XYxK02Nr6HH_l71tsFO85osUKdiy4AUgx8PP2KN3caUaVe0u8txoeVBOtDG-Pr1eYZWkg2BpCBtZhxnuGWvysnJ48zIO6Et59N08tVyWfyCTZGZ-GjWwJRbaZRDlVxgOvqf2ENP7AJg6Mgu_KW9KfZOZaSHaNhDLUqw--8Fy2yMxIVqBDAHSyjhe-6GpnwzuKk-QwBAFnUFAPpUH7m-FNRVEdokgOPnXoIx4J_nqLQnOGg5eQ6Fva9YBjd0CVKGQFvv4kSQlg6f_AGsqIzpw0y75ra75xFC9s-DDDdlWV7j86m5sZVRHAltbZK9FVS8NOtGj3jrDbNd7OuEh1_5Vtn0v_Su_jwRIA840CCk3T3tBvsK3pSZk3o3LDva2eVGpmNd19AnI7FZZIB9p3q2Fb1Zt-4xM3uzxggCpAvfokBVPnY3jTbSAy3MI83e5zonTPeygi3pEDcVVMfumNjDz3lHS4_qojTBINqVubVGw_ICvGyYPSHp5CBCDr4BQvY2AdKWCoNF72DsQNMpFh0_HjEkCSf4kfVABIv0CirkTBHDf7jpnHLWnZvEs9y1WRFXQ5jjs7gWss7-baJSNqlRb_ClltM04J97Apv_KeF6Fes9psKKKejSe8w3HCOXzNUAm0JmQgVblhqhJ-Y5YLKHWdcKZPk_zLmhANcihg9r_q0wfhCQqY82wks02OkdUUr_x4CDUMuz7i9xcG1R3g4m7a4g1qjYo4V2X-aBplZ1QgphuYfhZpKqElZh33xqVyxVxurQx2WfrbKkTF71HTe4mAORqTncLsv88kbu8cVJJxnCl7iRREVt6Wam6sHV6e-H5ek2RHzl_lSsp69qQ7O8V380KVzx-UI9f3MX_1HS67b1oA9ycQWqkWb2WSwQeFboo5pziWqGDozvybQuqY3lTJQDAwJSX8LRM4E2wUJ8gCB_JvYbgSVZGTSUF9C93uOodlzFyJyyL-V0L5SrzAyKH3YO5aMlR4Ri5z5C7O0G0oQlYjNlwwWuof9QrntUKJED3tps4w0KxJjwCShwOA58VkYMq1xgLKdQqKQPz4Qh3Nhux8u3sWaUF6rJ8AXX1MdP22iNbn4TSgLeUG0TSbvNA1fLyL4Dp7rMVbNqpsDl81Ee0rdK-UmJxTFrOTHA8I54LjPaoFV4PMZCoEFYbXUPMlX16tDJg7PCKQEcRltyt9ctFv4x2TCfbcYTMlXfwD2EFKAy1dI7FF-C6b8JblueOwUjjUGUR9-m2y2LVuRppCYa206sYakRARLJWyPYw0xcuX4cNWYGUYJLVCiV52TyC8aKJGLmpoaWp1gLmEDKB0_q86W2MLA-xZ1k2S0Z62-UjUyNTXCKwDXG4ufKM8KflW0MJamHLBEDYpsVVPtDZUBsTaFJyi8hv8GptfLatPOqE0jyErb4nHQQQF9u2v9WpDSAmCYcWagz9CHw7yWukhFittSIEqhRL9Jl0Ss5oaiNtYFW6ho6hnmyW9xXT7CfjGfo7WC2um9tg0KUPByYerJkr4bNhgNT8It28NT6jkrqG--7fUKsg_AZY9ndhkAG6Gb6R7LFnBD2koxT8Vs0AeV0cQt_2zhoDESRt3vyPSaMwbPLP_2smDPlFdlbrhNlIF7Z8hFu9ZI3AMHauJq_CdU2iw3T8PfHty40fLeatlHinLHZ92Xb_DXgDNnKzESolkQezqxHkwekOVHoLbJ4tVQvZlqg0RnP2EFifC4hpKtMVQqr0Lf7OeLdcWvTaUjBFpysEfpgdOSPjnfNexD5ur3n7j9R3EWedzcuK_Mlbz8UxRBdpPeZ_6tq1wVn702gsTTbaxbOujWt4OjPTImBjCJYh_PeBEOdVijEg3-fOFUCD1MXeI08F7myX1M9r1H0-EMGRPRZGMA2qs5C65djJR7mQqTB0LrYqALZoCotVn7E760luDIIhQhcRW-O56SbcG4KsH5dr8qV-H7QPOkFdEgPiEYXhHgd0Shjo5OGEYFmn_5L1B2Hh9ldC35dsZgUW0WXTidR3uEkGgmMkc4yl9u_BMAbuxlcDht9xvL8uLtMYwMU0jKDz2x4WP5Wm-f-s-q-2rsco3ZmiYnr_DfdCisFkoBtr6g6odGtymau02v5HUh4ERJtPMhXJcH-WpdRVxJph07FjIHbUcPvWUXYl6VxFGjannpnAJl6Yzn515saFALVlbo5k86O__6EwYK5l-vwPX0CFez3PFoTdXUJY7MXcFKzJjqxznvrdgjrAfseBTwz87jw0t4LzerU-vB21C8X_crmFAI5YT0uZMoQuEOu08iIBNSrnHFTRDS8KIGYqXwdKqW3ALP1f-I3kwOKINBgz4TPLfgRrJ77XXtJKdaf5eGZ0_AukiGY-_rgeybHdMydt1x3ctfhYwoKnVZ32RhFMP3IGAboPyURPqmTeYGe68cToyz8T18mCVi3poQWr6xC-gsbhFr5b2bJar7eq7aLzyZ3YtZ4-whqNalb0mL4Ms5T10Lpy_rKe4VB_4ad798vtoQuQGpyhhjFUFspA3PLzVZ3Hs1ZD4ab4XY9bF7jUgqWRTgxwP2NZ_hAN1EVH-peTT8Shq13iiKuMPTuTlcafdlFeBiQs0zTH3h20PxE_ITzVhPTrhKTWhiC1DQxyrSWheo-l-_X4ypKOr50QYB7QNc8EJVQ&cid=CAQSLQCsnQUxUMBr40wcAwLo1q6q7Hw1BbN2IdB8WSJ6wMDfLb2trCJ2wn7Cq1m8_w&rfl=1%2Chttps%253A%252F%252Fwww.onmsft.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 03:21:28 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 49D9
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CrHliq-W00De6S4s-glYkriBiLVXAb0T4IXbTz13IlJGi0ljD3ODVyU9O1a95ci41RxK92o7WbGJNmSAcEBGZx9x-NUmSY5V2koRee8FJNeIOZ7252u2p5icrTrXjnrUYfs99PiCU_Nl5K6xd7MkGOOriogQ&cry=1&dbm_d=AKAmf-DN6YvtZVIUGJnMKhsvwR4L50Vrv5U3GiOR7K5tz4vWlYPoG29oflUyW3Z3OOdrQqrgULllClPnSQWlGs7VeYO9Yt-5_o6jpFcE51RFnFRsts3USXfzAfZtgnEnrtB0iV5yVw-LOWOr3bpe1x0uFsJCaHs_DtnjZMECnmHPPOGlzEx3M10x2gVV6kAkNWJ7Ah5pMQRKca1hv1pEVb1UQT0hMcF0Ue4g9pxr8stHivEK9bwTLr6ztBTxhcnUT2ximbboZ9FB6TtPyegAE5p2vLQ5a8t8_Cibwex0f-RBAT_-vqHhFj1jVG1yx6G12fbfAsnOn37yowS6pLdbg4n2NWy05eG7w0tJbjj8wUkJpRIdzkFbM_8qW6zqYaCrKYkiCrJcCTLYJXwvwi77MLuYcCMEoRuF4xZzoPl4qWqFn-D0j3a1Z2htu3KMbLQ-gw28ml3MShqaTUuc2Obpe_KV2W-8qgtkxeY9_HqJ7wBFZOKhL35sFaXl3e-e8lpUjkj2w-KwW5qaRbcNFSzjz6LVlGFcMc2ZMpQNnCKRajEwTrsEYJObagAVrMQQtdnLtqvnopN1dhATQ_V0DAeb8tN2XYxK02Nr6HH_l71tsFO85osUKdiy4AUgx8PP2KN3caUaVe0u8txoeVBOtDG-Pr1eYZWkg2BpCBtZhxnuGWvysnJ48zIO6Et59N08tVyWfyCTZGZ-GjWwJRbaZRDlVxgOvqf2ENP7AJg6Mgu_KW9KfZOZaSHaNhDLUqw--8Fy2yMxIVqBDAHSyjhe-6GpnwzuKk-QwBAFnUFAPpUH7m-FNRVEdokgOPnXoIx4J_nqLQnOGg5eQ6Fva9YBjd0CVKGQFvv4kSQlg6f_AGsqIzpw0y75ra75xFC9s-DDDdlWV7j86m5sZVRHAltbZK9FVS8NOtGj3jrDbNd7OuEh1_5Vtn0v_Su_jwRIA840CCk3T3tBvsK3pSZk3o3LDva2eVGpmNd19AnI7FZZIB9p3q2Fb1Zt-4xM3uzxggCpAvfokBVPnY3jTbSAy3MI83e5zonTPeygi3pEDcVVMfumNjDz3lHS4_qojTBINqVubVGw_ICvGyYPSHp5CBCDr4BQvY2AdKWCoNF72DsQNMpFh0_HjEkCSf4kfVABIv0CirkTBHDf7jpnHLWnZvEs9y1WRFXQ5jjs7gWss7-baJSNqlRb_ClltM04J97Apv_KeF6Fes9psKKKejSe8w3HCOXzNUAm0JmQgVblhqhJ-Y5YLKHWdcKZPk_zLmhANcihg9r_q0wfhCQqY82wks02OkdUUr_x4CDUMuz7i9xcG1R3g4m7a4g1qjYo4V2X-aBplZ1QgphuYfhZpKqElZh33xqVyxVxurQx2WfrbKkTF71HTe4mAORqTncLsv88kbu8cVJJxnCl7iRREVt6Wam6sHV6e-H5ek2RHzl_lSsp69qQ7O8V380KVzx-UI9f3MX_1HS67b1oA9ycQWqkWb2WSwQeFboo5pziWqGDozvybQuqY3lTJQDAwJSX8LRM4E2wUJ8gCB_JvYbgSVZGTSUF9C93uOodlzFyJyyL-V0L5SrzAyKH3YO5aMlR4Ri5z5C7O0G0oQlYjNlwwWuof9QrntUKJED3tps4w0KxJjwCShwOA58VkYMq1xgLKdQqKQPz4Qh3Nhux8u3sWaUF6rJ8AXX1MdP22iNbn4TSgLeUG0TSbvNA1fLyL4Dp7rMVbNqpsDl81Ee0rdK-UmJxTFrOTHA8I54LjPaoFV4PMZCoEFYbXUPMlX16tDJg7PCKQEcRltyt9ctFv4x2TCfbcYTMlXfwD2EFKAy1dI7FF-C6b8JblueOwUjjUGUR9-m2y2LVuRppCYa206sYakRARLJWyPYw0xcuX4cNWYGUYJLVCiV52TyC8aKJGLmpoaWp1gLmEDKB0_q86W2MLA-xZ1k2S0Z62-UjUyNTXCKwDXG4ufKM8KflW0MJamHLBEDYpsVVPtDZUBsTaFJyi8hv8GptfLatPOqE0jyErb4nHQQQF9u2v9WpDSAmCYcWagz9CHw7yWukhFittSIEqhRL9Jl0Ss5oaiNtYFW6ho6hnmyW9xXT7CfjGfo7WC2um9tg0KUPByYerJkr4bNhgNT8It28NT6jkrqG--7fUKsg_AZY9ndhkAG6Gb6R7LFnBD2koxT8Vs0AeV0cQt_2zhoDESRt3vyPSaMwbPLP_2smDPlFdlbrhNlIF7Z8hFu9ZI3AMHauJq_CdU2iw3T8PfHty40fLeatlHinLHZ92Xb_DXgDNnKzESolkQezqxHkwekOVHoLbJ4tVQvZlqg0RnP2EFifC4hpKtMVQqr0Lf7OeLdcWvTaUjBFpysEfpgdOSPjnfNexD5ur3n7j9R3EWedzcuK_Mlbz8UxRBdpPeZ_6tq1wVn702gsTTbaxbOujWt4OjPTImBjCJYh_PeBEOdVijEg3-fOFUCD1MXeI08F7myX1M9r1H0-EMGRPRZGMA2qs5C65djJR7mQqTB0LrYqALZoCotVn7E760luDIIhQhcRW-O56SbcG4KsH5dr8qV-H7QPOkFdEgPiEYXhHgd0Shjo5OGEYFmn_5L1B2Hh9ldC35dsZgUW0WXTidR3uEkGgmMkc4yl9u_BMAbuxlcDht9xvL8uLtMYwMU0jKDz2x4WP5Wm-f-s-q-2rsco3ZmiYnr_DfdCisFkoBtr6g6odGtymau02v5HUh4ERJtPMhXJcH-WpdRVxJph07FjIHbUcPvWUXYl6VxFGjannpnAJl6Yzn515saFALVlbo5k86O__6EwYK5l-vwPX0CFez3PFoTdXUJY7MXcFKzJjqxznvrdgjrAfseBTwz87jw0t4LzerU-vB21C8X_crmFAI5YT0uZMoQuEOu08iIBNSrnHFTRDS8KIGYqXwdKqW3ALP1f-I3kwOKINBgz4TPLfgRrJ77XXtJKdaf5eGZ0_AukiGY-_rgeybHdMydt1x3ctfhYwoKnVZ32RhFMP3IGAboPyURPqmTeYGe68cToyz8T18mCVi3poQWr6xC-gsbhFr5b2bJar7eq7aLzyZ3YtZ4-whqNalb0mL4Ms5T10Lpy_rKe4VB_4ad798vtoQuQGpyhhjFUFspA3PLzVZ3Hs1ZD4ab4XY9bF7jUgqWRTgxwP2NZ_hAN1EVH-peTT8Shq13iiKuMPTuTlcafdlFeBiQs0zTH3h20PxE_ITzVhPTrhKTWhiC1DQxyrSWheo-l-_X4ypKOr50QYB7QNc8EJVQ&cid=CAQSLQCsnQUxUMBr40wcAwLo1q6q7Hw1BbN2IdB8WSJ6wMDfLb2trCJ2wn7Cq1m8_w&rfl=1%2Chttps%253A%252F%252Fwww.onmsft.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 23:16:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
446753
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Aug 2023 23:16:06 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 742B
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 22:04:41 GMT
x-content-type-options
nosniff
server
cafe
age
19039
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
15880770647744369592
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Sat, 13 Aug 2022 22:04:41 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 742B
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 18:56:09 GMT
x-content-type-options
nosniff
server
cafe
age
30351
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 13 Aug 2022 18:56:09 GMT
impl_v90.js
www.googletagservices.com/dcm/ Frame 49D9
54 KB
21 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v90.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 09:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
411561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21331
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 13:07:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 09:02:39 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 143F
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
322442
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 09:47:58 GMT
expires
Wed, 09 Aug 2023 09:47:58 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usermatchredir
ssum-sec.casalemedia.com/
43 B
842 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
739e52e6894b3535-NRT
pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvWr%2B9dl51rVAZWotJV0ILg27QD7UKuneXZ%2BC%2B5GR2%2B1oI2cyuifNgN5Az9eQY2qo5Gj5BziDaeo8IFm4%2BmF8PUDwaIOlxlRtpCOBfM8yTr1W6biMuNGfJf%2Flxz1%2BfuXX01wUH5Lnv8B4A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame 143F
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:52:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
329366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:52:34 GMT
B21543855.235417681;dc_ver=90.265;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3037181502;ord=vsiw7a;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyfPG1xj3Yu2ED_SJ29gP8IW...
ad.doubleclick.net/ddm/adi/N9032.585838.ADWORDS.GOOGLE.CO.J/ Frame 4D32
53 KB
26 KB
Document
General
Full URL
https://ad.doubleclick.net/ddm/adi/N9032.585838.ADWORDS.GOOGLE.CO.J/B21543855.235417681;dc_ver=90.265;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3037181502;ord=vsiw7a;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyfPG1xj3Yu2ED_SJ29gP8IW60AKy_IiAXpuY6ODtC8CNtwEQASD7m9VJYInzxYT0E8gBCakCkIfF-1UYQD6oAwGqBPcBT9Cg7K6yKskHzzuXadie_FKs1LTONm7c_8IqQo3UtdFieMTpD0-k-7hDOxpslz40_ZPP9VOqhz9Iue9Gca0Lw2yi1Dz6DG4Z-pIjNKwNmvRy9pf1tnx69z1AlULeLSc7OCUk6cUWv5YlkcpuaQhYx-UJh-xf6bEjmkgVfCe0Y269YWFERcserRt9lXoKTlTuGTvXvP4Jn172IBByi05aCuTsrN57wFLmTg02aw99PiY2njWhW6sWoxCMew6pjS4MisLYKTk0ibPqSEhzJSzNeZlAMyIEHS9xTQdlU8c_fBnHuV_UProNJ8lHfeGFPswZcvQXlv6f-sAEyZnNxfoC4AQDkAYBoAZNgAeyxZyDAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTEyNjI1NDQ5MzA1ODU3OTCACgOYCwHICwGADAGwE_nCjg3IE4O67QfYEwqIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLQCsnQUxUMBr40wcAwLo1q6q7Hw1BbN2IdB8WSJ6wMDfLb2trCJ2wn7Cq1m8_w%26sig%3DAOD64_1WCl3vd6H0aKfRV1US9432roSSZA%26client%3Dca-pub-5812357352335075%26dbm_c%3DAKAmf-D6pGgRbqCilwceftHpy82R8AVyeJvA50ObvkzQtWtTp4JV5mhjJQEMaArYfxtkRQk6QAlHwz4l8thNiQDgwcZpturyDudIESdxoZkQy4Ox3_mVo3hA6Jnkbi8XKQGpjbT6CMifOSnkpIgZePfrgIFYEzz7yw%26cry%3D1%26dbm_d%3DAKAmf-AxUKGZgIe76ONGfALSy4_uFxNOWolwpBDMlE729cEfcc0joIrjUmtixPu_O9Yk7gWLbrc0uBFj_oeaKiVlAtQYUftQGC3IeoCGpjzhqcQsTdHupJAh0c-iXuejNvr9BYLjP93MbXfj18WgBN5WCX320MYgCqRep1Cro7eciO7TngDjSEBlqK5hhouOcSAfC_cwXnPta9Xe6UjCnEgcdp0qUIVtCDRfXrJWrxm6hJKO38kXCvuIQET8jlFqoHz2l38RJfo3Rf5iqg9Y1QSoMOpqJd6JjXSAw4GNUkgJEQmoRvnTaxCRtn42wz7ksWyOAQNqwPSPVVs-zA_n5_ULIw3V3KTzK_on8yXjb6mc_lQaj_ifPGhRAZmRTxvzKM8TuZAKP6nQt7Qam5EmU4JV-k7CI42jGUvsH1-UHSH5rnTAbTYHy4Cc9Tw9XA0tjpo-j6bhrmgk%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.onmsft.com%2F$0;xdt=1;crlt=Hr5Z7IlAIn;stc=1;chaa=1;sttr=59;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v90.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f6.1e100.net
Software
cafe /
Resource Hash
49f430dda26df470a301ffb77b423d4f7867ffdbdc667c7ed152d4e6e5497f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
26639
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 03:22:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 49D9
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c869b7dda650e6adfa366299c8f475c896cfaf4b4111862844e36232c1ba697

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/032208081650000/ Frame F329
220 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/032208081650000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29118761c07ba2f914e82c8bff0e7101fadc02790c312cc74e4dedde62ab4d88
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
277540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61565
x-xss-protection
0
server
sffe
date
Tue, 09 Aug 2022 22:16:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"824fa8c6f0b4450b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Aug 2023 22:16:20 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/032208081650000/v0/ Frame F329
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/032208081650000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
277540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5197
x-xss-protection
0
server
sffe
date
Tue, 09 Aug 2022 22:16:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aca8368210f82021"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Aug 2023 22:16:20 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/032208081650000/v0/ Frame F329
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/032208081650000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
277540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28794
x-xss-protection
0
server
sffe
date
Tue, 09 Aug 2022 22:16:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cc093c4134ec5f1e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Aug 2023 22:16:20 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/032208081650000/v0/ Frame F329
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/032208081650000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
277540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Tue, 09 Aug 2022 22:16:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef17e6cba96d5668"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Aug 2023 22:16:20 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/032208081650000/v0/ Frame F329
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/032208081650000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
277540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12948
x-xss-protection
0
server
sffe
date
Tue, 09 Aug 2022 22:16:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08e07a681963ea9f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Aug 2023 22:16:20 GMT
css
fonts.googleapis.com/ Frame F329
8 KB
893 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 03:14:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 13 Aug 2022 03:22:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Aug 2022 03:22:00 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F329
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 22:04:41 GMT
x-content-type-options
nosniff
server
cafe
age
19039
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
15880770647744369592
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Sat, 13 Aug 2022 22:04:41 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F329
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 18:56:09 GMT
x-content-type-options
nosniff
server
cafe
age
30351
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 13 Aug 2022 18:56:09 GMT
l
www.google.com/ads/measurement/ Frame F329
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWjY0Q3GOOi8ZSJpCKTEtNWegGIcu-bUI6GpMlRn879cyN6ckTti1Z-Hv1EC0d26nOsFUs-soS3LqnXQi02sSyRIXMQw
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame F329
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CWYe_1xj3YuvINM3Y2QScub2YCpaCqpdr0bH7g68Ntoat4o4OEAEg-5vVSWCJ88WE9BOgAabMsfQCyAEBqQKH3o24SV20PuACAKgDAcgDCqoEhAJP0HYSfDz5ggAV9fEXEOoAGPJxNRErSzuNNZQzHFED0On3Mr5S0YW6go248zbqnizp9EjhNEVIRzHRvo4pJUiXPcZLXIhN6k5Rn-gAEXVV7UygneKBeUMdncuGQYeV80sPRVILekHZd32ISSODgRAypAM2m2lnxGOYIP40Co5oXX0J77kkl9e8K7u89SPlGGWXarsae0kLouKm9_Q4se3seslyJf7ZSvt6RMj6vl9rOmj97v7Ww1X-JNuzaYfoPlvINybyW1-cNlKdZjXUJTGU4xaSgf-MXy_ekA891pkmzzC5ZZkyvG8TpA4SAjsEWRR7dy3kTM1r7NYRgCMHsy5IZJWYRsAEy-qlnosC4AQBkgUECAQYAZIFBAgFGASgBmaAB8KzzosBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQleUI0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi0xMjYyNTQ0OTMwNTg1NzkwgAoDyAsB2BMMiBQG0BUBmBYBgBcBshceChwIABIUcHViLTU4MTIzNTczNTIzMzUwNzUY26Ih&sigh=7WQmULY1Nlc&uach_m=[UACH]
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

checksync.php
contextual.media.net/ Frame 895F
37 KB
12 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f859a03bcf9f6ef1c535c669d4d463eb0846bec930128e6f7efb450558910bf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
12268
content-type
text/html; charset=UTF-8
date
Sat, 13 Aug 2022 03:22:00 GMT
expires
Mon, 15 Aug 2022 03:22:00 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AC61
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158326
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-52-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=29245
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 13 Aug 2022 03:22:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 13 Aug 2022 11:29:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 6997
532 B
636 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
05976a74766df4807447cbc06ca9da502ca871bc43b25dda88e447dc90d39533

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
324
content-type
text/html
date
Sat, 13 Aug 2022 03:22:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 4AD7
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Aug 2022 03:22:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame F88B
9 KB
4 KB
Document
General
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.238.168 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-238-168.sfo5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
82e3811cdfceb32fce78d37685ff4189f3927def60304312c3519603939f0ba8

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
41463
cache-control
max-age=345600
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 15:50:58 GMT
etag
W/"dded7396fbe6d087909057448e1ad0c8"
last-modified
Tue, 26 Jul 2022 15:11:15 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 457f6aac6043da8b82d532af40ff19c2.cloudfront.net (CloudFront)
x-amz-cf-id
4M6wcg6rQN-i-k0hlQh6_pgwihicQBUZTnVlt_EP2c0jBtKK7bKTpg==
x-amz-cf-pop
SFO5-C3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:37f5e49a-fa66-49da-8441-dd45098ed05e
x-amz-meta-codebuild-content-md5
b40e23c2c399349f8349f9ae9edec2ec
x-amz-meta-codebuild-content-sha256
495aaab93a2848b45bf77774751801430fcd8a0741179b148bb54de4435f2b80
x-cache
Hit from cloudfront
checksync.php
contextual.media.net/ Frame 9D07
37 KB
12 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f859a03bcf9f6ef1c535c669d4d463eb0846bec930128e6f7efb450558910bf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
12268
content-type
text/html; charset=UTF-8
date
Sat, 13 Aug 2022 03:22:00 GMT
expires
Mon, 15 Aug 2022 03:22:00 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BBFF
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158326
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-52-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=29245
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 13 Aug 2022 03:22:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 13 Aug 2022 11:29:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
jp-u.openx.net/w/1.0/ Frame A230
532 B
624 B
Document
General
Full URL
https://jp-u.openx.net/w/1.0/pd?plm=6&ph=36f43d7a-82bf-4fdf-8a09-9bd06a2b981b&gdpr=0
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
05976a74766df4807447cbc06ca9da502ca871bc43b25dda88e447dc90d39533

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
324
content-type
text/html
date
Sat, 13 Aug 2022 03:22:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
truncated
/ Frame F329
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea26beb23573aff07e974efb36e05ca385601ffc35a76a999b58b58115435599

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame FB2B
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGq1C1xj3YuuED_SJ29gP8IW60AIAAAAAOAHgBAI&bg=!WlmlWR3NAAa4hXTbmIU7ACkAdvg8WqVyD7Iy0GfWvd0jlCfyc93d7d6nwUakWDhqk24QZBBCxKxtsAIAAADeUgAAAAFoAQeZAykFXt6ubcYjYTSh8FIbrwAauMfnQdAh2_o7bwZUt8qx49ftelJca46iESpv87yY9dj6CtpPSpx7cP0Kx0fIZwGWlEA91Lv9luMCSjrrsZES8k_pdc5-9AtLKkexsHxlz2_mYZ1PTHLEDujQJUm3KD5i1gKif3b8yR1Uy1xmQJIqwgk8M4tmFqaoWRxivkCrxU1TtRQbg88Sxh4A5LVx3E8u8UvIpFy6P-RGwbBrTYIaG-40NVmcQ3diuNN_CB-sgEcKI2VSsNQLHlDGiMM2eNmTI06xvNch-LvxiP8_WvkJ59lhznxe-eXuhWuwux7IDmIlOo4OHsEnJ5nYgH90_Tvl6i6KvI7juExpEvaWih0ElJu-7ntMFkZChO-qMVS_pAJ03AKWvk_CCYCXyLHdbTKfo1OF0Q9HYpf4z6Mo4pFenUqi1hEnJXCbn-m_xmw8u27cZy7ZMMRz0373RO2_eqtdJUjGcuvGlxEa3rTwucureWH_2Q_ORgLJKbh3fya2xkso-IkjC6r56tpUT2VzSh3F5GNcdNDqGdBDR86MgqFIQXLK5_pPGtOdX6O8kmPfzoAPHEwcRjfHqIaBkskFnTUiBp-S2_GhmiSpMMs2UOVVJ50VKbt7C4Ao6TZGBgGIRIKQZNv4ZbvzZL4gY1Uvl7PFvHiX7TbPxC4BMWBH6sJgOu8j4Cw4nQcKB_BqmBU7UMZUxcf2li5emZ-sKMHoInagqTTJHgJDCTMvjfb2p8tV-sXwGYldphavufOWvu3F-EbFGOmY4Kef90QbqC5NpNb4DkiKeAJCLJGTqfBBJE5Tz2jpKqvh2yvNh2bKS-ScWVB5YGzQwN9JXwoDNxoQv01cFZ3zSn4XlwEd6IT1q8gbCjtfo8CsOMzR_1NFjDyD4YcyelLdpl4xM2qM0z-LxCsIPqFPMlGj9dUSrAp6VvVQsyXg4AqBX_jAqUIPBM5EeZrzLNZq9nnu50CVYmXjpMbRVvFEtftxE2n1yEWZRp-ssSk6yLBUiRGyHsXA-MoYOzjzjRSJkgFuHUK5DGhH9teU4AB77IFGF1tqTBOJ1OjD4xmcOEsjYRtqig
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
11729670697175972739
s0.2mdn.net/simgad/ Frame 4D32
26 KB
26 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/11729670697175972739
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N9032.585838.ADWORDS.GOOGLE.CO.J/B21543855.235417681;dc_ver=90.265;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3037181502;ord=vsiw7a;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyfPG1xj3Yu2ED_SJ29gP8IW60AKy_IiAXpuY6ODtC8CNtwEQASD7m9VJYInzxYT0E8gBCakCkIfF-1UYQD6oAwGqBPcBT9Cg7K6yKskHzzuXadie_FKs1LTONm7c_8IqQo3UtdFieMTpD0-k-7hDOxpslz40_ZPP9VOqhz9Iue9Gca0Lw2yi1Dz6DG4Z-pIjNKwNmvRy9pf1tnx69z1AlULeLSc7OCUk6cUWv5YlkcpuaQhYx-UJh-xf6bEjmkgVfCe0Y269YWFERcserRt9lXoKTlTuGTvXvP4Jn172IBByi05aCuTsrN57wFLmTg02aw99PiY2njWhW6sWoxCMew6pjS4MisLYKTk0ibPqSEhzJSzNeZlAMyIEHS9xTQdlU8c_fBnHuV_UProNJ8lHfeGFPswZcvQXlv6f-sAEyZnNxfoC4AQDkAYBoAZNgAeyxZyDAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTEyNjI1NDQ5MzA1ODU3OTCACgOYCwHICwGADAGwE_nCjg3IE4O67QfYEwqIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLQCsnQUxUMBr40wcAwLo1q6q7Hw1BbN2IdB8WSJ6wMDfLb2trCJ2wn7Cq1m8_w%26sig%3DAOD64_1WCl3vd6H0aKfRV1US9432roSSZA%26client%3Dca-pub-5812357352335075%26dbm_c%3DAKAmf-D6pGgRbqCilwceftHpy82R8AVyeJvA50ObvkzQtWtTp4JV5mhjJQEMaArYfxtkRQk6QAlHwz4l8thNiQDgwcZpturyDudIESdxoZkQy4Ox3_mVo3hA6Jnkbi8XKQGpjbT6CMifOSnkpIgZePfrgIFYEzz7yw%26cry%3D1%26dbm_d%3DAKAmf-AxUKGZgIe76ONGfALSy4_uFxNOWolwpBDMlE729cEfcc0joIrjUmtixPu_O9Yk7gWLbrc0uBFj_oeaKiVlAtQYUftQGC3IeoCGpjzhqcQsTdHupJAh0c-iXuejNvr9BYLjP93MbXfj18WgBN5WCX320MYgCqRep1Cro7eciO7TngDjSEBlqK5hhouOcSAfC_cwXnPta9Xe6UjCnEgcdp0qUIVtCDRfXrJWrxm6hJKO38kXCvuIQET8jlFqoHz2l38RJfo3Rf5iqg9Y1QSoMOpqJd6JjXSAw4GNUkgJEQmoRvnTaxCRtn42wz7ksWyOAQNqwPSPVVs-zA_n5_ULIw3V3KTzK_on8yXjb6mc_lQaj_ifPGhRAZmRTxvzKM8TuZAKP6nQt7Qam5EmU4JV-k7CI42jGUvsH1-UHSH5rnTAbTYHy4Cc9Tw9XA0tjpo-j6bhrmgk%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.onmsft.com%2F$0;xdt=1;crlt=Hr5Z7IlAIn;stc=1;chaa=1;sttr=59;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ba19a4f63f4e0d1383a42b4bd63a92c86c9d7692bd9c4fe81e18b26cd45c953
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 12:11:09 GMT
x-content-type-options
nosniff
age
141051
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26253
x-xss-protection
0
last-modified
Sat, 29 Aug 2020 03:47:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Aug 2023 12:11:09 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/xfa/ Frame 4D32
10 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N9032.585838.ADWORDS.GOOGLE.CO.J/B21543855.235417681;dc_ver=90.265;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3037181502;ord=vsiw7a;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyfPG1xj3Yu2ED_SJ29gP8IW60AKy_IiAXpuY6ODtC8CNtwEQASD7m9VJYInzxYT0E8gBCakCkIfF-1UYQD6oAwGqBPcBT9Cg7K6yKskHzzuXadie_FKs1LTONm7c_8IqQo3UtdFieMTpD0-k-7hDOxpslz40_ZPP9VOqhz9Iue9Gca0Lw2yi1Dz6DG4Z-pIjNKwNmvRy9pf1tnx69z1AlULeLSc7OCUk6cUWv5YlkcpuaQhYx-UJh-xf6bEjmkgVfCe0Y269YWFERcserRt9lXoKTlTuGTvXvP4Jn172IBByi05aCuTsrN57wFLmTg02aw99PiY2njWhW6sWoxCMew6pjS4MisLYKTk0ibPqSEhzJSzNeZlAMyIEHS9xTQdlU8c_fBnHuV_UProNJ8lHfeGFPswZcvQXlv6f-sAEyZnNxfoC4AQDkAYBoAZNgAeyxZyDAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTEyNjI1NDQ5MzA1ODU3OTCACgOYCwHICwGADAGwE_nCjg3IE4O67QfYEwqIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLQCsnQUxUMBr40wcAwLo1q6q7Hw1BbN2IdB8WSJ6wMDfLb2trCJ2wn7Cq1m8_w%26sig%3DAOD64_1WCl3vd6H0aKfRV1US9432roSSZA%26client%3Dca-pub-5812357352335075%26dbm_c%3DAKAmf-D6pGgRbqCilwceftHpy82R8AVyeJvA50ObvkzQtWtTp4JV5mhjJQEMaArYfxtkRQk6QAlHwz4l8thNiQDgwcZpturyDudIESdxoZkQy4Ox3_mVo3hA6Jnkbi8XKQGpjbT6CMifOSnkpIgZePfrgIFYEzz7yw%26cry%3D1%26dbm_d%3DAKAmf-AxUKGZgIe76ONGfALSy4_uFxNOWolwpBDMlE729cEfcc0joIrjUmtixPu_O9Yk7gWLbrc0uBFj_oeaKiVlAtQYUftQGC3IeoCGpjzhqcQsTdHupJAh0c-iXuejNvr9BYLjP93MbXfj18WgBN5WCX320MYgCqRep1Cro7eciO7TngDjSEBlqK5hhouOcSAfC_cwXnPta9Xe6UjCnEgcdp0qUIVtCDRfXrJWrxm6hJKO38kXCvuIQET8jlFqoHz2l38RJfo3Rf5iqg9Y1QSoMOpqJd6JjXSAw4GNUkgJEQmoRvnTaxCRtn42wz7ksWyOAQNqwPSPVVs-zA_n5_ULIw3V3KTzK_on8yXjb6mc_lQaj_ifPGhRAZmRTxvzKM8TuZAKP6nQt7Qam5EmU4JV-k7CI42jGUvsH1-UHSH5rnTAbTYHy4Cc9Tw9XA0tjpo-j6bhrmgk%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.onmsft.com%2F$0;xdt=1;crlt=Hr5Z7IlAIn;stc=1;chaa=1;sttr=59;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
874e545a5055f7c8602c30ffd711768e8105bb75c87045a794f934d9cffa30c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 02:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3878
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4037
x-xss-protection
0
server
cafe
etag
4842123143989086801
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 02:17:22 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 4D32
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N9032.585838.ADWORDS.GOOGLE.CO.J/B21543855.235417681;dc_ver=90.265;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3037181502;ord=vsiw7a;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyfPG1xj3Yu2ED_SJ29gP8IW60AKy_IiAXpuY6ODtC8CNtwEQASD7m9VJYInzxYT0E8gBCakCkIfF-1UYQD6oAwGqBPcBT9Cg7K6yKskHzzuXadie_FKs1LTONm7c_8IqQo3UtdFieMTpD0-k-7hDOxpslz40_ZPP9VOqhz9Iue9Gca0Lw2yi1Dz6DG4Z-pIjNKwNmvRy9pf1tnx69z1AlULeLSc7OCUk6cUWv5YlkcpuaQhYx-UJh-xf6bEjmkgVfCe0Y269YWFERcserRt9lXoKTlTuGTvXvP4Jn172IBByi05aCuTsrN57wFLmTg02aw99PiY2njWhW6sWoxCMew6pjS4MisLYKTk0ibPqSEhzJSzNeZlAMyIEHS9xTQdlU8c_fBnHuV_UProNJ8lHfeGFPswZcvQXlv6f-sAEyZnNxfoC4AQDkAYBoAZNgAeyxZyDAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTEyNjI1NDQ5MzA1ODU3OTCACgOYCwHICwGADAGwE_nCjg3IE4O67QfYEwqIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLQCsnQUxUMBr40wcAwLo1q6q7Hw1BbN2IdB8WSJ6wMDfLb2trCJ2wn7Cq1m8_w%26sig%3DAOD64_1WCl3vd6H0aKfRV1US9432roSSZA%26client%3Dca-pub-5812357352335075%26dbm_c%3DAKAmf-D6pGgRbqCilwceftHpy82R8AVyeJvA50ObvkzQtWtTp4JV5mhjJQEMaArYfxtkRQk6QAlHwz4l8thNiQDgwcZpturyDudIESdxoZkQy4Ox3_mVo3hA6Jnkbi8XKQGpjbT6CMifOSnkpIgZePfrgIFYEzz7yw%26cry%3D1%26dbm_d%3DAKAmf-AxUKGZgIe76ONGfALSy4_uFxNOWolwpBDMlE729cEfcc0joIrjUmtixPu_O9Yk7gWLbrc0uBFj_oeaKiVlAtQYUftQGC3IeoCGpjzhqcQsTdHupJAh0c-iXuejNvr9BYLjP93MbXfj18WgBN5WCX320MYgCqRep1Cro7eciO7TngDjSEBlqK5hhouOcSAfC_cwXnPta9Xe6UjCnEgcdp0qUIVtCDRfXrJWrxm6hJKO38kXCvuIQET8jlFqoHz2l38RJfo3Rf5iqg9Y1QSoMOpqJd6JjXSAw4GNUkgJEQmoRvnTaxCRtn42wz7ksWyOAQNqwPSPVVs-zA_n5_ULIw3V3KTzK_on8yXjb6mc_lQaj_ifPGhRAZmRTxvzKM8TuZAKP6nQt7Qam5EmU4JV-k7CI42jGUvsH1-UHSH5rnTAbTYHy4Cc9Tw9XA0tjpo-j6bhrmgk%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.onmsft.com%2F$0;xdt=1;crlt=Hr5Z7IlAIn;stc=1;chaa=1;sttr=59;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:15:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Aug 2022 03:15:43 GMT
pr
s.amazon-adsystem.com/v3/ Frame AAC7
3 KB
3 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
58430391c3b889e9c111eadd4363080551ef19315f260f320ec4575ab0d73c21
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2708
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 13 Aug 2022 03:22:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
1BXS5DA5AWJADASVE06Y
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4D32
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N9032.585838.ADWORDS.GOOGLE.CO.J/B21543855.235417681;dc_ver=90.265;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3037181502;ord=vsiw7a;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyfPG1xj3Yu2ED_SJ29gP8IW60AKy_IiAXpuY6ODtC8CNtwEQASD7m9VJYInzxYT0E8gBCakCkIfF-1UYQD6oAwGqBPcBT9Cg7K6yKskHzzuXadie_FKs1LTONm7c_8IqQo3UtdFieMTpD0-k-7hDOxpslz40_ZPP9VOqhz9Iue9Gca0Lw2yi1Dz6DG4Z-pIjNKwNmvRy9pf1tnx69z1AlULeLSc7OCUk6cUWv5YlkcpuaQhYx-UJh-xf6bEjmkgVfCe0Y269YWFERcserRt9lXoKTlTuGTvXvP4Jn172IBByi05aCuTsrN57wFLmTg02aw99PiY2njWhW6sWoxCMew6pjS4MisLYKTk0ibPqSEhzJSzNeZlAMyIEHS9xTQdlU8c_fBnHuV_UProNJ8lHfeGFPswZcvQXlv6f-sAEyZnNxfoC4AQDkAYBoAZNgAeyxZyDAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTEyNjI1NDQ5MzA1ODU3OTCACgOYCwHICwGADAGwE_nCjg3IE4O67QfYEwqIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLQCsnQUxUMBr40wcAwLo1q6q7Hw1BbN2IdB8WSJ6wMDfLb2trCJ2wn7Cq1m8_w%26sig%3DAOD64_1WCl3vd6H0aKfRV1US9432roSSZA%26client%3Dca-pub-5812357352335075%26dbm_c%3DAKAmf-D6pGgRbqCilwceftHpy82R8AVyeJvA50ObvkzQtWtTp4JV5mhjJQEMaArYfxtkRQk6QAlHwz4l8thNiQDgwcZpturyDudIESdxoZkQy4Ox3_mVo3hA6Jnkbi8XKQGpjbT6CMifOSnkpIgZePfrgIFYEzz7yw%26cry%3D1%26dbm_d%3DAKAmf-AxUKGZgIe76ONGfALSy4_uFxNOWolwpBDMlE729cEfcc0joIrjUmtixPu_O9Yk7gWLbrc0uBFj_oeaKiVlAtQYUftQGC3IeoCGpjzhqcQsTdHupJAh0c-iXuejNvr9BYLjP93MbXfj18WgBN5WCX320MYgCqRep1Cro7eciO7TngDjSEBlqK5hhouOcSAfC_cwXnPta9Xe6UjCnEgcdp0qUIVtCDRfXrJWrxm6hJKO38kXCvuIQET8jlFqoHz2l38RJfo3Rf5iqg9Y1QSoMOpqJd6JjXSAw4GNUkgJEQmoRvnTaxCRtn42wz7ksWyOAQNqwPSPVVs-zA_n5_ULIw3V3KTzK_on8yXjb6mc_lQaj_ifPGhRAZmRTxvzKM8TuZAKP6nQt7Qam5EmU4JV-k7CI42jGUvsH1-UHSH5rnTAbTYHy4Cc9Tw9XA0tjpo-j6bhrmgk%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.onmsft.com%2F$0;xdt=1;crlt=Hr5Z7IlAIn;stc=1;chaa=1;sttr=59;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 03:22:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4D32
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssl-QZ80YHirUlhecMXqZr5Xcq-L49jUcC7nJY8aO4xaAy3XsCvyzT5J2mOiH4duDdwt1IkmOgvhjYRbu0tLlzDnUwjExijXATgZYDNUgNT-TMv7MQOFOw2oAEIWjRuIxG8LaqreVriqCeXpV8tHeGj1Wjnxw&sig=Cg0ArKJSzKfJI_A1OkesEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220810.83975&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N9032.585838.ADWORDS.GOOGLE.CO.J/B21543855.235417681;dc_ver=90.265;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3037181502;ord=vsiw7a;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyfPG1xj3Yu2ED_SJ29gP8IW60AKy_IiAXpuY6ODtC8CNtwEQASD7m9VJYInzxYT0E8gBCakCkIfF-1UYQD6oAwGqBPcBT9Cg7K6yKskHzzuXadie_FKs1LTONm7c_8IqQo3UtdFieMTpD0-k-7hDOxpslz40_ZPP9VOqhz9Iue9Gca0Lw2yi1Dz6DG4Z-pIjNKwNmvRy9pf1tnx69z1AlULeLSc7OCUk6cUWv5YlkcpuaQhYx-UJh-xf6bEjmkgVfCe0Y269YWFERcserRt9lXoKTlTuGTvXvP4Jn172IBByi05aCuTsrN57wFLmTg02aw99PiY2njWhW6sWoxCMew6pjS4MisLYKTk0ibPqSEhzJSzNeZlAMyIEHS9xTQdlU8c_fBnHuV_UProNJ8lHfeGFPswZcvQXlv6f-sAEyZnNxfoC4AQDkAYBoAZNgAeyxZyDAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTEyNjI1NDQ5MzA1ODU3OTCACgOYCwHICwGADAGwE_nCjg3IE4O67QfYEwqIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLQCsnQUxUMBr40wcAwLo1q6q7Hw1BbN2IdB8WSJ6wMDfLb2trCJ2wn7Cq1m8_w%26sig%3DAOD64_1WCl3vd6H0aKfRV1US9432roSSZA%26client%3Dca-pub-5812357352335075%26dbm_c%3DAKAmf-D6pGgRbqCilwceftHpy82R8AVyeJvA50ObvkzQtWtTp4JV5mhjJQEMaArYfxtkRQk6QAlHwz4l8thNiQDgwcZpturyDudIESdxoZkQy4Ox3_mVo3hA6Jnkbi8XKQGpjbT6CMifOSnkpIgZePfrgIFYEzz7yw%26cry%3D1%26dbm_d%3DAKAmf-AxUKGZgIe76ONGfALSy4_uFxNOWolwpBDMlE729cEfcc0joIrjUmtixPu_O9Yk7gWLbrc0uBFj_oeaKiVlAtQYUftQGC3IeoCGpjzhqcQsTdHupJAh0c-iXuejNvr9BYLjP93MbXfj18WgBN5WCX320MYgCqRep1Cro7eciO7TngDjSEBlqK5hhouOcSAfC_cwXnPta9Xe6UjCnEgcdp0qUIVtCDRfXrJWrxm6hJKO38kXCvuIQET8jlFqoHz2l38RJfo3Rf5iqg9Y1QSoMOpqJd6JjXSAw4GNUkgJEQmoRvnTaxCRtn42wz7ksWyOAQNqwPSPVVs-zA_n5_ULIw3V3KTzK_on8yXjb6mc_lQaj_ifPGhRAZmRTxvzKM8TuZAKP6nQt7Qam5EmU4JV-k7CI42jGUvsH1-UHSH5rnTAbTYHy4Cc9Tw9XA0tjpo-j6bhrmgk%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.onmsft.com%2F$0;xdt=1;crlt=Hr5Z7IlAIn;stc=1;chaa=1;sttr=59;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:22:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
beacon.gif
atm.im-apps.net/a/ Frame 4D32
43 B
58 B
Image
General
Full URL
https://atm.im-apps.net/a/beacon.gif?cid=1001099&c1=dbm&c2=235417681&c3=109678714&c4=N9032.585838.ADWORDS.GOOGLE.CO.J&c5=2195784795
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N9032.585838.ADWORDS.GOOGLE.CO.J/B21543855.235417681;dc_ver=90.265;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3037181502;ord=vsiw7a;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyfPG1xj3Yu2ED_SJ29gP8IW60AKy_IiAXpuY6ODtC8CNtwEQASD7m9VJYInzxYT0E8gBCakCkIfF-1UYQD6oAwGqBPcBT9Cg7K6yKskHzzuXadie_FKs1LTONm7c_8IqQo3UtdFieMTpD0-k-7hDOxpslz40_ZPP9VOqhz9Iue9Gca0Lw2yi1Dz6DG4Z-pIjNKwNmvRy9pf1tnx69z1AlULeLSc7OCUk6cUWv5YlkcpuaQhYx-UJh-xf6bEjmkgVfCe0Y269YWFERcserRt9lXoKTlTuGTvXvP4Jn172IBByi05aCuTsrN57wFLmTg02aw99PiY2njWhW6sWoxCMew6pjS4MisLYKTk0ibPqSEhzJSzNeZlAMyIEHS9xTQdlU8c_fBnHuV_UProNJ8lHfeGFPswZcvQXlv6f-sAEyZnNxfoC4AQDkAYBoAZNgAeyxZyDAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTEyNjI1NDQ5MzA1ODU3OTCACgOYCwHICwGADAGwE_nCjg3IE4O67QfYEwqIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLQCsnQUxUMBr40wcAwLo1q6q7Hw1BbN2IdB8WSJ6wMDfLb2trCJ2wn7Cq1m8_w%26sig%3DAOD64_1WCl3vd6H0aKfRV1US9432roSSZA%26client%3Dca-pub-5812357352335075%26dbm_c%3DAKAmf-D6pGgRbqCilwceftHpy82R8AVyeJvA50ObvkzQtWtTp4JV5mhjJQEMaArYfxtkRQk6QAlHwz4l8thNiQDgwcZpturyDudIESdxoZkQy4Ox3_mVo3hA6Jnkbi8XKQGpjbT6CMifOSnkpIgZePfrgIFYEzz7yw%26cry%3D1%26dbm_d%3DAKAmf-AxUKGZgIe76ONGfALSy4_uFxNOWolwpBDMlE729cEfcc0joIrjUmtixPu_O9Yk7gWLbrc0uBFj_oeaKiVlAtQYUftQGC3IeoCGpjzhqcQsTdHupJAh0c-iXuejNvr9BYLjP93MbXfj18WgBN5WCX320MYgCqRep1Cro7eciO7TngDjSEBlqK5hhouOcSAfC_cwXnPta9Xe6UjCnEgcdp0qUIVtCDRfXrJWrxm6hJKO38kXCvuIQET8jlFqoHz2l38RJfo3Rf5iqg9Y1QSoMOpqJd6JjXSAw4GNUkgJEQmoRvnTaxCRtn42wz7ksWyOAQNqwPSPVVs-zA_n5_ULIw3V3KTzK_on8yXjb6mc_lQaj_ifPGhRAZmRTxvzKM8TuZAKP6nQt7Qam5EmU4JV-k7CI42jGUvsH1-UHSH5rnTAbTYHy4Cc9Tw9XA0tjpo-j6bhrmgk%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.onmsft.com%2F$0;xdt=1;crlt=Hr5Z7IlAIn;stc=1;chaa=1;sttr=59;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.216.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.216.120.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4D32
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N9032.585838.ADWORDS.GOOGLE.CO.J/B21543855.235417681;dc_ver=90.265;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3037181502;ord=vsiw7a;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyfPG1xj3Yu2ED_SJ29gP8IW60AKy_IiAXpuY6ODtC8CNtwEQASD7m9VJYInzxYT0E8gBCakCkIfF-1UYQD6oAwGqBPcBT9Cg7K6yKskHzzuXadie_FKs1LTONm7c_8IqQo3UtdFieMTpD0-k-7hDOxpslz40_ZPP9VOqhz9Iue9Gca0Lw2yi1Dz6DG4Z-pIjNKwNmvRy9pf1tnx69z1AlULeLSc7OCUk6cUWv5YlkcpuaQhYx-UJh-xf6bEjmkgVfCe0Y269YWFERcserRt9lXoKTlTuGTvXvP4Jn172IBByi05aCuTsrN57wFLmTg02aw99PiY2njWhW6sWoxCMew6pjS4MisLYKTk0ibPqSEhzJSzNeZlAMyIEHS9xTQdlU8c_fBnHuV_UProNJ8lHfeGFPswZcvQXlv6f-sAEyZnNxfoC4AQDkAYBoAZNgAeyxZyDAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTEyNjI1NDQ5MzA1ODU3OTCACgOYCwHICwGADAGwE_nCjg3IE4O67QfYEwqIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLQCsnQUxUMBr40wcAwLo1q6q7Hw1BbN2IdB8WSJ6wMDfLb2trCJ2wn7Cq1m8_w%26sig%3DAOD64_1WCl3vd6H0aKfRV1US9432roSSZA%26client%3Dca-pub-5812357352335075%26dbm_c%3DAKAmf-D6pGgRbqCilwceftHpy82R8AVyeJvA50ObvkzQtWtTp4JV5mhjJQEMaArYfxtkRQk6QAlHwz4l8thNiQDgwcZpturyDudIESdxoZkQy4Ox3_mVo3hA6Jnkbi8XKQGpjbT6CMifOSnkpIgZePfrgIFYEzz7yw%26cry%3D1%26dbm_d%3DAKAmf-AxUKGZgIe76ONGfALSy4_uFxNOWolwpBDMlE729cEfcc0joIrjUmtixPu_O9Yk7gWLbrc0uBFj_oeaKiVlAtQYUftQGC3IeoCGpjzhqcQsTdHupJAh0c-iXuejNvr9BYLjP93MbXfj18WgBN5WCX320MYgCqRep1Cro7eciO7TngDjSEBlqK5hhouOcSAfC_cwXnPta9Xe6UjCnEgcdp0qUIVtCDRfXrJWrxm6hJKO38kXCvuIQET8jlFqoHz2l38RJfo3Rf5iqg9Y1QSoMOpqJd6JjXSAw4GNUkgJEQmoRvnTaxCRtn42wz7ksWyOAQNqwPSPVVs-zA_n5_ULIw3V3KTzK_on8yXjb6mc_lQaj_ifPGhRAZmRTxvzKM8TuZAKP6nQt7Qam5EmU4JV-k7CI42jGUvsH1-UHSH5rnTAbTYHy4Cc9Tw9XA0tjpo-j6bhrmgk%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.onmsft.com%2F$0;xdt=1;crlt=Hr5Z7IlAIn;stc=1;chaa=1;sttr=59;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 23:16:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
446754
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Aug 2023 23:16:06 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame F329
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.onmsft.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 08:54:28 GMT
x-content-type-options
nosniff
age
498452
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Aug 2023 08:54:28 GMT
usync.js
eus.rubiconproject.com/ Frame 4AD7
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f20b44f4c11af710237c278ab58ad01bfe9dfc72f62131392dc7c391a9d35a64

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 03:22:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70533
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9452
Expires
Sat, 13 Aug 2022 22:57:33 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4D32
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssl-QZ80YHirUlhecMXqZr5Xcq-L49jUcC7nJY8aO4xaAy3XsCvyzT5J2mOiH4duDdwt1IkmOgvhjYRbu0tLlzDnUwjExijXATgZYDNUgNT-TMv7MQOFOw2oAEIWjRuIxG8LaqreVriqCeXpV8tHeGj1Wjnxw&sig=Cg0ArKJSzKfJI_A1OkesEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=83&vt=11&dtpt=82&dett=2&cstd=0&cisv=r20220810.83975&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N9032.585838.ADWORDS.GOOGLE.CO.J/B21543855.235417681;dc_ver=90.265;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3037181502;ord=vsiw7a;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyfPG1xj3Yu2ED_SJ29gP8IW60AKy_IiAXpuY6ODtC8CNtwEQASD7m9VJYInzxYT0E8gBCakCkIfF-1UYQD6oAwGqBPcBT9Cg7K6yKskHzzuXadie_FKs1LTONm7c_8IqQo3UtdFieMTpD0-k-7hDOxpslz40_ZPP9VOqhz9Iue9Gca0Lw2yi1Dz6DG4Z-pIjNKwNmvRy9pf1tnx69z1AlULeLSc7OCUk6cUWv5YlkcpuaQhYx-UJh-xf6bEjmkgVfCe0Y269YWFERcserRt9lXoKTlTuGTvXvP4Jn172IBByi05aCuTsrN57wFLmTg02aw99PiY2njWhW6sWoxCMew6pjS4MisLYKTk0ibPqSEhzJSzNeZlAMyIEHS9xTQdlU8c_fBnHuV_UProNJ8lHfeGFPswZcvQXlv6f-sAEyZnNxfoC4AQDkAYBoAZNgAeyxZyDAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTEyNjI1NDQ5MzA1ODU3OTCACgOYCwHICwGADAGwE_nCjg3IE4O67QfYEwqIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSLQCsnQUxUMBr40wcAwLo1q6q7Hw1BbN2IdB8WSJ6wMDfLb2trCJ2wn7Cq1m8_w%26sig%3DAOD64_1WCl3vd6H0aKfRV1US9432roSSZA%26client%3Dca-pub-5812357352335075%26dbm_c%3DAKAmf-D6pGgRbqCilwceftHpy82R8AVyeJvA50ObvkzQtWtTp4JV5mhjJQEMaArYfxtkRQk6QAlHwz4l8thNiQDgwcZpturyDudIESdxoZkQy4Ox3_mVo3hA6Jnkbi8XKQGpjbT6CMifOSnkpIgZePfrgIFYEzz7yw%26cry%3D1%26dbm_d%3DAKAmf-AxUKGZgIe76ONGfALSy4_uFxNOWolwpBDMlE729cEfcc0joIrjUmtixPu_O9Yk7gWLbrc0uBFj_oeaKiVlAtQYUftQGC3IeoCGpjzhqcQsTdHupJAh0c-iXuejNvr9BYLjP93MbXfj18WgBN5WCX320MYgCqRep1Cro7eciO7TngDjSEBlqK5hhouOcSAfC_cwXnPta9Xe6UjCnEgcdp0qUIVtCDRfXrJWrxm6hJKO38kXCvuIQET8jlFqoHz2l38RJfo3Rf5iqg9Y1QSoMOpqJd6JjXSAw4GNUkgJEQmoRvnTaxCRtn42wz7ksWyOAQNqwPSPVVs-zA_n5_ULIw3V3KTzK_on8yXjb6mc_lQaj_ifPGhRAZmRTxvzKM8TuZAKP6nQt7Qam5EmU4JV-k7CI42jGUvsH1-UHSH5rnTAbTYHy4Cc9Tw9XA0tjpo-j6bhrmgk%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.onmsft.com%2F$0;xdt=1;crlt=Hr5Z7IlAIn;stc=1;chaa=1;sttr=59;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:22:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sd
us-u.openx.net/w/1.0/ Frame 6997
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3189454452451635575&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3189454452451635575&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3189454452451635575&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 13 Aug 2022 03:21:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 6997
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=30dc3f53-b1d1-77cf-f769-6ebc0701abb4&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=30dc3f53-b1d1-77cf-f769-6ebc0701abb4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1&ttd_puid=30dc3f53-b1d1-77cf-f769-6ebc0701abb4&gdpr=0&gdpr_consent=
43 B
248 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1&ttd_puid=30dc3f53-b1d1-77cf-f769-6ebc0701abb4&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1&ttd_puid=30dc3f53-b1d1-77cf-f769-6ebc0701abb4&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 6997
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YvcY2MCo8X4AAMgoXTYAAAAA
43 B
61 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YvcY2MCo8X4AAMgoXTYAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
49
Date
Sat, 13 Aug 2022 03:22:00 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":49,"gdpr":false,"ipv4":"217.138.252.170","key":"YvcY2MCo8X4AAMgoXTYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40014"}
X-SO-Ads-Time
205
X-SO-Key
YvcY2MCo8X4AAMgoXTYAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40014
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YvcY2MCo8X4AAMgoXTYAAAAA
Cache-Control
private
X-SO-HostName
a-ad40014.dc2p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
X-SO-IP
217.138.252.170
sd
jp-u.openx.net/w/1.0/ Frame 6997
Redirect Chain
  • https://cr-p3.ladsp.jp/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYx0WaNoPPYHks8ADsWuAv9yWs8AAAGClTkOag
43 B
61 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYx0WaNoPPYHks8ADsWuAv9yWs8AAAGClTkOag
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
via
1.1 92e96369edaca75445330712b7510c2a.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT57-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYx0WaNoPPYHks8ADsWuAv9yWs8AAAGClTkOag
cache-control
no-cache
content-length
0
x-amz-cf-id
b16lXlj5unb6FCV6Hs8yp-iu0UOEWVcQRtoho6xCdy-Ye6e9Igx-Xw==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 6997
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWNiM2VjOTktNzhhNi0yOTZiLWUyODktMzQwNWNkZTM2NWQ0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.220.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s30-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6997
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG82nozoKLTw_SovW1A44Rw&google_cver=1
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG82nozoKLTw_SovW1A44Rw&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG82nozoKLTw_SovW1A44Rw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A230
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3117396858413707639&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3117396858413707639&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=36f43d7a-82bf-4fdf-8a09-9bd06a2b981b&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3117396858413707639&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 13 Aug 2022 03:21:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame A230
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=30dc3f53-b1d1-77cf-f769-6ebc0701abb4&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=30dc3f53-b1d1-77cf-f769-6ebc0701abb4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1&ttd_puid=30dc3f53-b1d1-77cf-f769-6ebc0701abb4&gdpr=0&gdpr_consent=
43 B
264 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1&ttd_puid=30dc3f53-b1d1-77cf-f769-6ebc0701abb4&gdpr=0&gdpr_consent=
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=36f43d7a-82bf-4fdf-8a09-9bd06a2b981b&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1&ttd_puid=30dc3f53-b1d1-77cf-f769-6ebc0701abb4&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame A230
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YvcY2MCo8YwAAH6j-VoAAAAA
43 B
61 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YvcY2MCo8YwAAH6j-VoAAAAA
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=36f43d7a-82bf-4fdf-8a09-9bd06a2b981b&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
14
Date
Sat, 13 Aug 2022 03:22:00 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":14,"gdpr":false,"ipv4":"217.138.252.170","key":"YvcY2MCo8YwAAH6j-VoAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad118"}
X-SO-Ads-Time
2
X-SO-Key
YvcY2MCo8YwAAH6j-VoAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad118
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YvcY2MCo8YwAAH6j-VoAAAAA
Cache-Control
private
X-SO-HostName
m-ad118.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng40.dc4p.scaleout.jp
X-SO-IP
217.138.252.170
sd
jp-u.openx.net/w/1.0/ Frame A230
Redirect Chain
  • https://cr-p3.ladsp.jp/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATuUIgTJ60rQks8ADsaW16HPc88AAAGClTkOQg
43 B
61 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATuUIgTJ60rQks8ADsaW16HPc88AAAGClTkOQg
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=36f43d7a-82bf-4fdf-8a09-9bd06a2b981b&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
via
1.1 92e96369edaca75445330712b7510c2a.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT57-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATuUIgTJ60rQks8ADsaW16HPc88AAAGClTkOQg
cache-control
no-cache
content-length
0
x-amz-cf-id
Z9QN86bldmB0AgmZfhjN60Nz22AFxTKVsrM_Z9b4aha3-UXdQ8b6hA==
expires
-1
pixel
cm.g.doubleclick.net/ Frame A230
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWNiM2VjOTktNzhhNi0yOTZiLWUyODktMzQwNWNkZTM2NWQ0
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=36f43d7a-82bf-4fdf-8a09-9bd06a2b981b&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.220.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s30-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A230
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG82nozoKLTw_SovW1A44Rw&google_cver=1
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG82nozoKLTw_SovW1A44Rw&google_cver=1
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=6&ph=36f43d7a-82bf-4fdf-8a09-9bd06a2b981b&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG82nozoKLTw_SovW1A44Rw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4D32
7 KB
5 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a62d26c7b887e4f4bd3d272fe4d791d4bdd377a0d47f19f6a97aa5c9e83df56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:22:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FD48
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
322442
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 09:47:58 GMT
expires
Wed, 09 Aug 2023 09:47:58 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
e.clarity.ms/
0
174 B
XHR
General
Full URL
https://e.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.39/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
https://www.onmsft.com
date
Sat, 13 Aug 2022 03:22:00 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
si
googleads.g.doubleclick.net/pagead/drt/ Frame F329
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol
H3
Server
2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Redirect headers

date
Sat, 13 Aug 2022 03:22:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F329
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032208081650000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 22:04:41 GMT
x-content-type-options
nosniff
server
cafe
age
19039
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
15880770647744369592
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Sat, 13 Aug 2022 22:04:41 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F329
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032208081650000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 18:56:09 GMT
x-content-type-options
nosniff
server
cafe
age
30351
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 13 Aug 2022 18:56:09 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081001&jk=3215188679422792&bg=!9vWl9bHNAAa4hXTbmIU7ACkAdvg8WlLYHskvdH-GVT0PSsSksoAvIpOYORvPFoUIDUcsCgwM330pQgIAAACjUgAAAAJoAQcKAJlfqD8BqiIe3e9xDWr2qGMLbB2oOTw1v_onaq69kgYny0r14wOYZ2dktF8jrNoJlQftMLdBj44LQucTrr0ML2LYNDqypT_mGuHZjP5fUUrucW81NSa8-KRugHeAD5un6yKUINnrOR7p91tPNchXnavRq9UhGq5YT_XNwYEp6PNQQXvoLaJob5iAYgXy6lg4O4MP4Qc6qpMk-OKZAuamgmyWZOZix_nun9HyvabP0oV00TxzZIKt9QpivXCywTBWRWEugZ3gU5w8yjGTQBILRRT3morYmRB5XBPA5vyKdGbrA-imrlM5QD5i21DOoq7krQw9c3tRPYMJsio3-MI-M-gcN2_8xRENs0yX3HkdbcgVAhqS4yWy8yDrgoyq03jxf9H4mgubQddXDedWO_aFW0n1XGJeL86K479eB8q0xSrmDp48IiFGAtmlIxbG3XvUXTB36R5dsXrwUYcx2uexF5QVbZ-uTNcmdGFWjDS0dVJeN1-B91V7Wnxy3-SBjblFI3h0O9mIrOdu_j6FpfO9WJdSsR0cPzyF9khBozXrl5yjtPbVX_EKp9-v62o2Z2t0YbHfwdYfDG-1mJHuyWwOH57nt6JIi7wNcCQHMLcfcfEfB0eQUNgJCmq65c-BfcvMfGA92UbATHY9F3NXl45jJfF-sFv1Nc5h9sSgnp3esVKM7egAfCn0dbXr1E6Mx_kl_pLH6zUGONg1OyqT_nJh7LB_JlegZ1SR5gGkbLxV-LKWonhQCPhffMs6EzUjrcEUqw1s_EWS4W_zLdwJg6c1cOU0jO-T8soH-HQVlDmMo4SUMKUfQ30XkkAWDaYdiHd0zs1Crs6AGZNsG5A_tP04f-Q6L6z4d8lDbn2hE4xIPI_QBs-p_cxn66D6z12jdSfgqMMwMU0vk63O0Lxv4mLjtpSZzgTZJaI3B2_wrKsRV_mHVtyBhjyoFUXehcF2rS3c8OXGT1hInEuNLP3h4e2Le8BktVuSVd8QBPC20r6gkNj9DW3_Hg2P4g3LBkRKaTFYydnF_58vtwxZmWWapzpnaOr2KwjC3K4icsA_Y6M71kosE6ObDuKCNaL17eggi3CASegJkmyir_0mnfpZBjKf75CAgeMQ9esJxuCJTsWhmRqHNboqJkVAZM34pE51k47Yn1H1U_kocBrOZNMK38W7yefIGQ6ok_KdCOLqwVC0b9fCU5Oo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

moatapi.js
z.moatads.com/aolvidibleapi29384728347/ Frame E3B6
133 KB
44 KB
Script
General
Full URL
https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by
Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.82/0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:22:00 GMT
content-encoding
gzip
last-modified
Tue, 25 Feb 2020 18:37:38 GMT
server
AmazonS3
x-amz-request-id
388D180454D57022
etag
"d678022569896f7b7293494e3a69c8c7"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=20873
accept-ranges
bytes
content-length
44266
x-amz-id-2
YRazt8f2HdL/GdKJ7xRfwpiZuabplnBG4Bz+9Dx6gzE84tIDB/x3j3Ykz+Dntj24lICtePXAlJs=
vast
bid.g.doubleclick.net/dbm/ Frame 21C0
39 KB
17 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BLceI--NO-l1sjq_jJhD-v602k8DKC6_L2ky3O_ybmJPS_dVtA_amPlsCY7t_qtXVy2OxQeePmKGzjAjIxrb2Pru1qmg&dbm_d=AKAmf-Cx516WugLZu7ItGxSZTcWAi15-FbFqLNRo9tuUaFRP6j6nqTyphuV4zzLq5_sTnH2kAB2feD3hfwbTqJnDwn3Ih5OeoEeIXcUTjsm5EbKa_t58r3BjyKwg_YjvVq7X_58RdXBuo677o3F4QjH3iKXcXFp1_R5HOa7SUdM0_WCjUEnBtchi3bwZd6Ndb1Zhh5FRFxnNuY5HRAlrWf_h73v-xmWvddNj8Hcofkzf0InbvheJ4m3oUm2mDInoajUDigY34NZ6-K5dOx5hBHqhK9yfaETE-9vE0mRvKZ_-bCV9oncih-U85xdzigeKHlV41LuN0YmQkgxq2zf1JMsVNzLX2F2hG-cmPXSTtwErz8FWu_i_OlS0uAoZF0qMzk37P6sMxX0OQDnxDXD-MHq49EHkfZNdOrE7Vs5FaEKBRM_HYm0fiUZKQ87prY9UEkCrCH7ndQMT7lRW9_5FwH9KPpuH6ZvtF4TiUVEo30rIs1oXBt88LUYLR528i4EJU9CP_1CTSnuAR6QFE2Tj6mNpbqdgSCPeIPOWM-aK5vjE_elbaZYDMP0dgTez8NNm2dUAPcfnWq36xvECiz-ci8jiMQi7nssCqPwUSqiBseuHWbe09_-of_B4mUDOro95Mk7CgyjBk1_HN46lGSvy7QUp3NrecQ12sOFed68_6ycWmYjFl3zYNwTU-J_PFTDtxguoRCCxt97RcU4cegMtK982BEyab62oEzqGN1vzDualo4_iyOyKSXu_Ts8-ETxJ_XL_UhO6nUUzpvDq1IkaAQKYnfee7t5Jj2EBr133W2XiBc7oq_eVGW6NcCLSUe4Tchy20ocfegVzN0NBLKq4CEGAxDGpkunG44U-WY_zmdy_LnCNwZy-qizZyuNQxSFVChRl9QaPrziWyZqEPPgTHoBdu8AA8PevL4zfsRIbl0FHBVNpGAe6IM6WdcSnYXm4XE0Wyu53Elphk9dxwqzlUBzZDB1-Vtc7V6B2p0RmdfVIWpkIjSCCNE2-0cZRENrvL8X9zUsK0gcluVztNeewEubyLH25fsYluUlFJeWfkRdo5QnThhr-2c0PlVDsPCnU7GqAaj1VO6UK7hO1jCd5aWVvw6me5bo830unXFLE_9f-6glRqH7kD7hvy6QC3DTRINoq97zdwN--SdfLM6YSWFBkOPDnU1Nfha3JoG7I31Yi4PHaSoMYf6Wpkr5i10u_8AarBEIgpWWRwWqULc9X0FF0x8p8loDTOiGR0mzyHH_LOXxdKJ1SrjY0hYRnM6-14xtG1h0fFP6auTZr2irgGzSOdfIXbRGslAUfhIp64SD7G8bv3I5rINv0BoXBsEPU2zMBt-Y3J5iq1U61W_wiRkG0cNjolg4lml4_AleqsA1k6U6vJT7YftxVw_ALh5qXg1gxQdi4LC0VG4Xy7zrHue9mjgFj2UMVgu2zdU22hElKC7PBPkNgG-kBmyE600lw6FY0vmobPC3G1qo-UNH_Vm-hsj3HUr6IymdrNjKMtEMXgTO9t3WpALaxLxySnXk9aUE5A7tH72dxHAAkCkNrqkQUXjSu-rreql8vW8QBuQj1qi-9yFKF14FL6L_d3pwDefOSwehfA0fYTM75rMhLeoieYsDHy7VFKW8Y1zA2zF6O2rfd8OSaPwqi5_-6urPMtyAUDkNySWYj7904jccisT9Bqh21SF3U2JgvnhBYF3tZZTI82tn0aYInRP_OZ58a245m1hqQ1zVAaVo_xFQ2dewWmiql2gpAS4KYQOY3t0aGku9dzxrZAFWyfrIaCFDRveJAy9pdF9IrXyLebxTiqBKzzrEFMzq78IRDkiCjNW6CUkor0CA1OSZ5Puu2W9OxiWXXqzBrqEYiSN06Tg-ZU-4mXI5JIUM62lRz-yp_yZe5L2zlqMtsDPhvPvX-5myg2zOGDWs9-qaoNzG9nfxdam43Njp-EZvxoFW1XxdNNPwezai5XYLCfOEtK5jDflNvfSE6NTxdtgCVBpzSuPN56VZjnpEhwRabdHuUkCUqPjKQ27uf3Yv2MjWtSGy5kWikhqpLigsUGpHLsdJ9HloL21KVGbxv1JlRWDE5WFfzT1CdH22SyqS1aX2IFw7s21UCOe__N7qRZw0lz0vjfI2fH4slALhkeFpTsNgi9l5Np1mXVJDfezpsExfmH1LM0Yjg-5ZlQnhvqxpJv_0r5POJ4qN1bb2flhz1-2jHYHeKMBUJGPzQzdtfIgjbH0c7g1uwsAUsXrfTt7TtLiyeENtjFpj28-SJdQpuSdpM4gH0vGHnx-Jw8I-Z4HI2gN6W8YbcvDpyibf9lqEXo4z_QZdvCpJ6Lxf1J-cC4V72l1IXM-OJYWdleTC5UYkdS_kgfvau2Co9aQJ5_o84G0-7OU_sUUirIsJAI0hBuZBIMrqROGo1yqOunjB_v3SLlbBttduLoGIAu4YoLw3ZZZaAtWW7UxaML1ReGgFu0VXEnBUghqUHxQERb8m0Ch1JeZNQg3BPw4cZOJkdBAXc9oK_Ei6BGC-zeJ5CIxnyakV0vdVtNp6kuTahtEwKUZT-VAPBlfeSVFSPSLsYcZb4ljjUeNtPKRr9wqV4GNk1-dGjxFt3vWa15VzOoACIgBWSAHg24hjPzi1Z_bzxkm8mXnyUN2aHapzsyI7Y-bvv69DXroeVjMij6LfgDS0kqSb7oaHFLX8NTwi4psTcACxzJ_Pqy3tVEA61SujPs2CLL7xFK6Bo68PZ1OELQUxkG6fQwqQ0hBy6hHFwiI1VUPasvb1EoGQVbDdr71CtyOnX7PZwHNcuwf2Iyhl6ORspYyNoheR6uj99FX6ceeQPDsZdfglROIL2EZADa7E_iZ7vgXrlrvUsJaaMA8PMV8xOuOW5C0QJOals2hsq2qDm11x9wkePHwzZgOBXZQO3x7R1C6uUbmpj-fxYxifwG5J8e2bESISAnclDGNP9w6OPGldLBr89tPClKVEHGv26hhVYT9OI6_MmQymu5YqxURB5ZeknaeEZM4PWmjyc8svJBUnCeyQ7pLfvwpdO5p7SREuG6FZMgSuvludZHE5njkogXrfTH18fTYnUtORWsgpZtv6NFJYtxYD6wgCLHyeYo8cdtr0laFA2wM-h7GXKXtVEIB62rcaZ0QbzVF7xpH4xKwfpmYhZPQzm5KoPuJnMpSfSt7cmguyjx73WPQBA2pnAxZ-aacSdIB5I12_p__4ktZR7n93RKuRfd0wYnWFqJ9PcDA&cid=CAASBORohro&pr=2%3A0.070594
Requested by
Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.82/0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.204.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ti-in-f154.1e100.net
Software
cafe /
Resource Hash
115ca110b5bd834955c89e252c047c9ea45cab5efe654d6d72308cad6510e869
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer
https://cdn.playwire.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16815
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://cdn.playwire.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
display.gif
trk.vidible.tv/trk/ Frame 21C0
0
66 B
Image
General
Full URL
https://trk.vidible.tv/trk/display.gif?bcid=56bcd17ce4b018167fea5539&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.onmsft.com&s=true&sid=0536cf9d-89ad-4794-805c-b78387c7a119&vvuid=d6d6736e-3c91-4630-938e-ee87fa56677d&ab=0&dt=655&h=254&spaceid=793604934&w=452&cb=0.031158218747646016
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.103.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-103-248.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ad-request.gif
trk.vidible.tv/trk/ Frame 21C0
0
66 B
Image
General
Full URL
https://trk.vidible.tv/trk/ad-request.gif?bcid=56bcd17ce4b018167fea5539&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.onmsft.com&s=true&sid=0536cf9d-89ad-4794-805c-b78387c7a119&vvuid=d6d6736e-3c91-4630-938e-ee87fa56677d&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=100&vwm=-1&cb=0.5623492312898168
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.103.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-103-248.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ad-engine-request.gif
trk.vidible.tv/trk/ Frame 21C0
0
66 B
Image
General
Full URL
https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=56bcd17ce4b018167fea5539&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.onmsft.com&s=true&sid=0536cf9d-89ad-4794-805c-b78387c7a119&vvuid=d6d6736e-3c91-4630-938e-ee87fa56677d&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=452&p.vw.active=1&p.vw.sound=0&vwa=100&vwm=-1&h=254&cb=0.7071557329173781
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.103.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-103-248.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
adEngEvent
prod-m-node-2113.ssp.yahoo.com/admax/ Frame 21C0
0
55 B
Image
General
Full URL
https://prod-m-node-2113.ssp.yahoo.com/admax/adEngEvent?tidi=770912229&dcn=8a969574017b7be07f13e163c6300030&posi=1575335&uid=y-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%7EA&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxKUE4.&b=MTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.&hb=true&type=6&a=41e73af2-cc6b-4015-b992-d89d96f3a508&rts=1660360917649&eet=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.120.7 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-120-7.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
content-length
0
server
nginx/1.20.1
ecm3
s.amazon-adsystem.com/ Frame AAC7
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=01af0a18
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=01af0a18
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VENF3XHY4GH799M9Q5CA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 13 Aug 2022 03:22:00 GMT
via
1.1 b1257c11fb2562c17577d8c91fc4af62.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT57-C4
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=01af0a18
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
SfvrN0sQHlZd85cKl_eWUnIOH-UCFLSkTJkl-4x2lHVuax2y6HU3jw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 143F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYsk61xj3YsmCOMmMpt8P9I65-AIAAAAAOAHgBAI&bg=!vL-lv_vNAAa4hXTbmIU7ACkAdvg8WmVEQ5OIVuUaUql0HOT6nO3OgAj-zkcNBN1c3Sz2IFDbEGMeswIAAAF-UgAAAAFoAQeZAyjioxArRD00s8h9LFCAZB3D2IDcIhCQbHPR976fy8NDATRY3A4v-q_pHsL4ev0vEkSp44w_o97VEbFH8wGYgZhT0G-MFThrevMXkjt4hQXPhdT5Wl0dx1xy3pjovsRqKapZv48rRkIQQX2oepSa3WsbL0Yz4kCvyK_vZ-cR0xQsxohp6zJE0wsYwjZmeaW9BxlCfKqo19xQVvcKfOLQ7GQNAa4d24k0iKdKr9Jnqk7UkBCLxCqAc7KYkRmB26NUfEQPvZks6ZbeXShRQ0PZ3_ndyIFqQXLxIaQsoYLPJ1m-Yo-nsocvaBCPnxmkH0j-cdws1ixLGZXugOIVxeCssAoQXHaMAlntQ8APo74xoly5i5aNQnkiSTdxNXyGrApAi7ZM4ccVeJORIAOFV7YFn6x9ZmpubVVUy0nsXAMhHewu0Ii7M5MklhF5TTWIPCQyXz6Hy9IPqwDhsuSrrWUCeyYNGpDAfxgyhb476xAuD07Pa0EPSOu5zsmuCrfv_iHi_FXJEXY0ZpVu0_h4oHtX3_u3dVyURnu3QI7LSCtn_NlAXFMRovkGeLfkEBGeI3AExMAh6hoNWXkltx1LOCiPHv8gwmysron4WA73K5MtYqrViwe-XwNrtBeuCUhyYzmoxPZqP1bfnDYXxdOfGKhwOJslvURG5NGm23iSGSCTtg3CP_s3N40HTzlapy_xbgi6qNhMMdMYP08kGM1XX68k_i2sDO_0O_XXBqKCnTydBDF8m8ELs0SZfmre2Dzb2xIQqo5L0gofzZvEPcXT8P4iEUVIVU56FdvvuWJ5HP7MFxXL49ckPcnrAm_cnU-0dVYlMsrSkdCzYiTm3KE8jmUIM6g6nbmim5dzeDL-iXzeiebRlHPolPIq3dEYxXhjKYlzuslq0bCaP58tZHd_EAjWL4feo0AkrocuJ3pGibd5rKgRUsE8yfrJSTiRC2EOXNwUZH5FWz8rTeyhfVtO7qfGbs6iJrszC8u24Os83Y3XogvDI7Nf162aM8SoxpbuGAL2FzWBoEY8KcL1Ir3XngF-XGF6xQGcUmHqCB8yy8kDjaa7ep5iOY68nV7T
Requested by
Host: 08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
URL: https://08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubcid.php
hbx.media.net/ Frame 9D07
57 KB
18 KB
Script
General
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Sat, 13 Aug 2022 03:22:00 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:52:00 GMT
sync
gum.criteo.com/ Frame 9D07
61 B
383 B
Script
General
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:21:59 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1207
strict-transport-security
max-age=31536000; preload;
content-length
175
expires
60
usync.html
eus.rubiconproject.com/ Frame 07E0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Aug 2022 03:22:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 13 Aug 2022 03:22:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 65C7
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Drkt%26refUrl%3D%26vid%3D036092056230336252064522730...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3033625206452273000V10&type=rkt&refUrl=&vid=03609205623033625206452273000V10&ovsid=1917759393911754062
219 B
651 B
Document
General
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3033625206452273000V10&type=rkt&refUrl=&vid=03609205623033625206452273000V10&ovsid=1917759393911754062
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Sat, 13 Aug 2022 03:22:01 GMT
expires
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Sat, 13 Aug 2022 03:22:01 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3033625206452273000V10&type=rkt&refUrl=&vid=03609205623033625206452273000V10&ovsid=1917759393911754062
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
cksync.php
contextual.media.net/ Frame 9D07
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=son&refUrl=&vid=03609205623033625206452273000V10&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=son&refUrl=&vid=03609205623033625206452273000V10&ovsid=9f2dede7-e0a8-416c-bb59-baffdef61b9f
45 B
464 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=son&refUrl=&vid=03609205623033625206452273000V10&ovsid=9f2dede7-e0a8-416c-bb59-baffdef61b9f
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:01 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:00 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-38
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=son&refUrl=&vid=03609205623033625206452273000V10&ovsid=9f2dede7-e0a8-416c-bb59-baffdef61b9f
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.php
contextual.media.net/ Frame 9D07
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=19fa9865399820b7&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=con&refUrl=&vid=03609205623033625206452273000V10&ovsid=AAALmheeFssUiAMEBQc4AAAAAAA&expiration=1660447321&is_secure=true
45 B
459 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=con&refUrl=&vid=03609205623033625206452273000V10&ovsid=AAALmheeFssUiAMEBQc4AAAAAAA&expiration=1660447321&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:01 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=con&refUrl=&vid=03609205623033625206452273000V10&ovsid=AAALmheeFssUiAMEBQc4AAAAAAA&expiration=1660447321&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.html
contextual.media.net/ Frame 9D07
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3033625206452273...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3033625206452273000V10&type=opx&refUrl=&vid=03609205623033625206452273000V10&ovsid=f8f056cc-1ad1-4d2f-9426-10d2b5ee3968
219 B
219 B
Image
General
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3033625206452273000V10&type=opx&refUrl=&vid=03609205623033625206452273000V10&ovsid=f8f056cc-1ad1-4d2f-9426-10d2b5ee3968
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:00 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:00 GMT

Redirect headers

date
Sat, 13 Aug 2022 03:22:00 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=3033625206452273000V10&type=opx&refUrl=&vid=03609205623033625206452273000V10&ovsid=f8f056cc-1ad1-4d2f-9426-10d2b5ee3968
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cksync.php
contextual.media.net/ Frame 9D07
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dr1%26refUrl%3D%26vid%3D03609205623033625206...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dr1%26refUrl%3D%26vid%3D03609205623033...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8516397826
  • https://sync.1rx.io/usersync/tradedesk/1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
  • https://sync.targeting.unrulymedia.com/csync/RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=r1&refUrl=&vid=03609205913033625206452273000V10&ovsid=RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004
45 B
470 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=r1&refUrl=&vid=03609205913033625206452273000V10&ovsid=RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:01 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=r1&refUrl=&vid=03609205913033625206452273000V10&ovsid=RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004
date
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX9514fee7cf214d058d96b1a5f70007c4004
content-type
text/html
cksync
cs.media.net/ Frame 9D07
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzAzMzYyNTIwNjQ1MjI3MzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEkU0tDb_iohjUTxiddEYm4&google_cver=1
45 B
445 B
Image
General
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEkU0tDb_iohjUTxiddEYm4&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:01 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEkU0tDb_iohjUTxiddEYm4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 9D07
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Ddxu%26refUrl%3D%26vid%3D03609205623033625206452...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Ddxu%26refUrl%3D%26vid%3D03609205623033625...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=dxu&refUrl=&vid=03609205623033625206452273000V10&ovsid=46mtB6UV1OmHIQ5
45 B
451 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=dxu&refUrl=&vid=03609205623033625206452273000V10&ovsid=46mtB6UV1OmHIQ5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:01 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:00 GMT
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-0ba97292cfef13069@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=dxu&refUrl=&vid=03609205623033625206452273000V10&ovsid=46mtB6UV1OmHIQ5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 9D07
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f21274b8-f3ee-4fcd-9466-86de44913df2
45 B
615 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f21274b8-f3ee-4fcd-9466-86de44913df2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:00 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f21274b8-f3ee-4fcd-9466-86de44913df2
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
920689
content-length
0
expires
Sat, 13 Aug 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 9D07
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=f5902f6c-8f9b-44bb-af11-1df39412e0e6&google_hm=ZjU5MDJmNmMtOGY5Yi00NGJiLWFmMTEtMWRmMzk0MTJlMGU2
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGYrH1-89pebrSLjsEbpqHo&google_cver=1&ssp=medianet&bsw_param=f5902f6c-8f9b-44bb-af11-1df39412e0e6
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f5902f6c-8f9b-44bb-af11-1df39412e0e6&gdpr=&gdpr_consent=&gdpr_pd=
45 B
464 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f5902f6c-8f9b-44bb-af11-1df39412e0e6&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:00 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:00 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f5902f6c-8f9b-44bb-af11-1df39412e0e6&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 13 Aug 2022 03:22:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 9D07
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dzem%26refUrl%3D%26vid%3D03609205623033625206452273...
  • https://stags.bluekai.com/site/23178?id=tqzWxCyZyB15YWGOWzwF&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLUOF5FO6CDPFNHSQRRGVMVOR2PK55HO...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=tqzWxCyZyB15YWGOWzwF&refUrl=&type=zem&vid=03609205623033625206452273000V10&vsid=3033625206452273000V10
45 B
456 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=tqzWxCyZyB15YWGOWzwF&refUrl=&type=zem&vid=03609205623033625206452273000V10&vsid=3033625206452273000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:01 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=tqzWxCyZyB15YWGOWzwF&refUrl=&type=zem&vid=03609205623033625206452273000V10&vsid=3033625206452273000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 9D07
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3033625206452273000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3033625206452273000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=3e219616-e458-474a-9431-4c8145dabbc3&cs=1
45 B
465 B
Image
General
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=3e219616-e458-474a-9431-4c8145dabbc3&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:02 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:02 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=3e219616-e458-474a-9431-4c8145dabbc3&cs=1
Date
Sat, 13 Aug 2022 03:22:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame 9D07
0
66 B
Image
General
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Demx%26refUrl%3D%26vid%3D03609205623033625206452273000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.123.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-123-47.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
710489.gif
id.rlcdn.com/ Frame 9D07
42 B
60 B
Image
General
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:22:00 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame 9D07
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
45 B
450 B
Image
General
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:01 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
dcm
s.amazon-adsystem.com/ Frame 9D07
Redirect Chain
  • https://cs.media.net/cksync?cs=35&type=tam&ovsid=setstatuscode&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3Ddcd3b62c-7a4b-4d79-a73e-c47474a8ab42%26id%3D3033625206452273000V10%26gdpr%3...
  • https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=3033625206452273000V10&gdpr=0&gdpr_consent=
43 B
932 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=3033625206452273000V10&gdpr=0&gdpr_consent=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
46D8BTJEMYZ9VD6VCC5N
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=3033625206452273000V10&gdpr=0&gdpr_consent=
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:01 GMT
amzns2s
rtb.gumgum.com/usync/ Frame 553C
4 KB
1 KB
Document
General
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.4.232 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-4-232.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1dfe53f5ecd49796b85ed91d580d903217d2e0d54baceb52213e08fba51fd87

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 13 Aug 2022 03:22:00 GMT
etag
W/"06cabd578521393b2f68b56d8791b16be"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 30ED
54 B
845 B
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
739e52e9aae31d63-NRT
content-encoding
br
content-type
text/html
date
Sat, 13 Aug 2022 03:22:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3IbTPIjnDZeQ2xn2Z69nb6egNz7940P1fvEINMZ2bfZHenhQ5gdvn60dOX4BAaE1afkZMQCN%2BIN4OzSizt%2BLnPQg%2B3hed9imAyEz2OXLhdM0vQ2%2ByKvQr2r0r5AyrYVmJiSgXr25JqsDg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
/
match.sharethrough.com/jwumXNuB/v1/ Frame 08FD
427 B
612 B
Document
General
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.33.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-33-203.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
771e8d4d267ab80e1a82d0922d586068b55161fb29c79d183342367473c61b01

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
427
date
Sat, 13 Aug 2022 03:22:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EC13
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-52-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=29245
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 13 Aug 2022 03:22:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 13 Aug 2022 11:29:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 09A7
941 B
1 KB
Document
General
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.242.234 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-242-234.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
54fe3821920037cccefd8aa1b5f84556deb26f64c86e7fe5ebaaa75f123bc649

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
usync.html
eus.rubiconproject.com/ Frame 6979
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Aug 2022 03:22:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 370F
553 B
373 B
Document
General
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3adaef866644ec5ae2581db9642750d71e9aa61859a51c44ea230b94a11fa229

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
354
content-type
text/html
date
Sat, 13 Aug 2022 03:22:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 6F6D
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4960241744634227040&gdpr=0&gdpr_consent=
43 B
556 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4960241744634227040&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 13 Aug 2022 03:22:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
EAE6CY2T5N71BH3MBJTX

Redirect headers

content-length
0
date
Sat, 13 Aug 2022 03:22:00 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4960241744634227040&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame E871
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=4764734661110149725&ex=appnexus.com
43 B
556 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=4764734661110149725&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 13 Aug 2022 03:22:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
ADGFYZNBDAR43DBKKJQ1

Redirect headers

AN-X-Request-Uuid
c16accc8-5b37-449b-804a-a6deb4b22ad3
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sat, 13 Aug 2022 03:22:00 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=4764734661110149725&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.138.252.170; 217.138.252.170; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame 02F4
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=585789278119328662530
43 B
556 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=585789278119328662530
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 13 Aug 2022 03:22:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
SMA30JKVHMSRMRKW582W

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 13 Aug 2022 03:22:00 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=585789278119328662530
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pubcid.php
hbx.media.net/ Frame 895F
57 KB
18 KB
Script
General
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Sat, 13 Aug 2022 03:22:00 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:52:00 GMT
sync
gum.criteo.com/ Frame 895F
61 B
382 B
Script
General
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1122
strict-transport-security
max-age=31536000; preload;
content-length
175
expires
60
usync.html
eus.rubiconproject.com/ Frame 58AD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Aug 2022 03:22:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 13 Aug 2022 03:22:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync
cs.media.net/ Frame 895F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzAzMzYyNTIwNjQ1MjI3MzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEkU0tDb_iohjUTxiddEYm4&google_cver=1
45 B
445 B
Image
General
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEkU0tDb_iohjUTxiddEYm4&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:01 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEkU0tDb_iohjUTxiddEYm4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.html
contextual.media.net/ Frame 1694
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Drkt%26refUrl%3D%26vid%3D036092059130336252064522730...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3033625206452273000V10&type=rkt&refUrl=&vid=03609205913033625206452273000V10&ovsid=2019090386113786897
219 B
651 B
Document
General
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3033625206452273000V10&type=rkt&refUrl=&vid=03609205913033625206452273000V10&ovsid=2019090386113786897
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Sat, 13 Aug 2022 03:22:01 GMT
expires
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Sat, 13 Aug 2022 03:22:01 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3033625206452273000V10&type=rkt&refUrl=&vid=03609205913033625206452273000V10&ovsid=2019090386113786897
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
cksync.php
contextual.media.net/ Frame 895F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=9ce59d25-03af-4690-aa01-c0718bcf5d89
45 B
614 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=9ce59d25-03af-4690-aa01-c0718bcf5d89
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:00 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:21:59 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=9ce59d25-03af-4690-aa01-c0718bcf5d89
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1562829
content-length
0
expires
Sat, 13 Aug 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 895F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=f5902f6c-8f9b-44bb-af11-1df39412e0e6&google_hm=ZjU5MDJmNmMtOGY5Yi00NGJiLWFmMTEtMWRmMzk0MTJlMGU2
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGYrH1-89pebrSLjsEbpqHo&google_cver=1&ssp=medianet&bsw_param=f5902f6c-8f9b-44bb-af11-1df39412e0e6
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f5902f6c-8f9b-44bb-af11-1df39412e0e6&gdpr=&gdpr_consent=&gdpr_pd=
45 B
464 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f5902f6c-8f9b-44bb-af11-1df39412e0e6&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:00 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:00 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f5902f6c-8f9b-44bb-af11-1df39412e0e6&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 13 Aug 2022 03:22:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
rtb.mfadsrvr.com/ Frame 895F
43 B
220 B
Image
General
Full URL
https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3033625206452273000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.96.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-96-88.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 03:22:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
710489.gif
id.rlcdn.com/ Frame 895F
42 B
60 B
Image
General
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:22:00 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame 895F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
45 B
450 B
Image
General
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:01 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
dcm
s.amazon-adsystem.com/ Frame 895F
Redirect Chain
  • https://cs.media.net/cksync?cs=35&type=tam&ovsid=setstatuscode&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3Ddcd3b62c-7a4b-4d79-a73e-c47474a8ab42%26id%3D3033625206452273000V10%26gdpr%3...
  • https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=3033625206452273000V10&gdpr=0&gdpr_consent=
43 B
932 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=3033625206452273000V10&gdpr=0&gdpr_consent=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
QM4T28NZDJAG8CGX3D36
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=3033625206452273000V10&gdpr=0&gdpr_consent=
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:01 GMT
cksync.php
contextual.media.net/ Frame 895F
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=son&refUrl=&vid=03609205913033625206452273000V10&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=son&refUrl=&vid=03609205913033625206452273000V10&ovsid=9f2dede7-e0a8-416c-bb59-baffdef61b9f
45 B
464 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=son&refUrl=&vid=03609205913033625206452273000V10&ovsid=9f2dede7-e0a8-416c-bb59-baffdef61b9f
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:01 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:00 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=son&refUrl=&vid=03609205913033625206452273000V10&ovsid=9f2dede7-e0a8-416c-bb59-baffdef61b9f
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.php
contextual.media.net/ Frame 895F
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=45d72675ad1012ba&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=con&refUrl=&vid=03609205913033625206452273000V10&ovsid=AAAGpnvoVmoy_wNTbbhpAAAAAAA&expiration=1660447321&is_secure=true
45 B
460 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=con&refUrl=&vid=03609205913033625206452273000V10&ovsid=AAAGpnvoVmoy_wNTbbhpAAAAAAA&expiration=1660447321&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:01 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=con&refUrl=&vid=03609205913033625206452273000V10&ovsid=AAAGpnvoVmoy_wNTbbhpAAAAAAA&expiration=1660447321&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.html
contextual.media.net/ Frame 895F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3033625206452273...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3033625206452273000V10&type=opx&refUrl=&vid=03609205913033625206452273000V10&ovsid=f8f056cc-1ad1-4d2f-9426-10d2b5ee3968
219 B
219 B
Image
General
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3033625206452273000V10&type=opx&refUrl=&vid=03609205913033625206452273000V10&ovsid=f8f056cc-1ad1-4d2f-9426-10d2b5ee3968
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:00 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:00 GMT

Redirect headers

date
Sat, 13 Aug 2022 03:22:00 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=3033625206452273000V10&type=opx&refUrl=&vid=03609205913033625206452273000V10&ovsid=f8f056cc-1ad1-4d2f-9426-10d2b5ee3968
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cksync.php
contextual.media.net/ Frame 895F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dr1%26refUrl%3D%26vid%3D03609205913033625206...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dr1%26refUrl%3D%26vid%3D03609205913033...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8060186016
  • https://sync.1rx.io/usersync/tradedesk/1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
  • https://sync.targeting.unrulymedia.com/csync/RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=r1&refUrl=&vid=03609205913033625206452273000V10&ovsid=RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004
45 B
470 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=r1&refUrl=&vid=03609205913033625206452273000V10&ovsid=RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:01 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=r1&refUrl=&vid=03609205913033625206452273000V10&ovsid=RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004
date
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX9514fee7cf214d058d96b1a5f70007c4004
content-type
text/html
cksync.php
contextual.media.net/ Frame 895F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Ddxu%26refUrl%3D%26vid%3D03609205913033625206452...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Ddxu%26refUrl%3D%26vid%3D03609205913033625...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=dxu&refUrl=&vid=03609205913033625206452273000V10&ovsid=46mtB6UV1OmHIQ5
45 B
451 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=dxu&refUrl=&vid=03609205913033625206452273000V10&ovsid=46mtB6UV1OmHIQ5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:01 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:00 GMT
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-0d0566d062fd4ea5d@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=dxu&refUrl=&vid=03609205913033625206452273000V10&ovsid=46mtB6UV1OmHIQ5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 895F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dzem%26refUrl%3D%26vid%3D03609205913033625206452273...
  • https://stags.bluekai.com/site/23178?id=GvScvJFUp3o-eUPmKTpQ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKHOZJWG5SKIZKXAM3PFVSVKUDNJNKHA...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=GvScvJFUp3o-eUPmKTpQ&refUrl=&type=zem&vid=03609205913033625206452273000V10&vsid=3033625206452273000V10
45 B
456 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=GvScvJFUp3o-eUPmKTpQ&refUrl=&type=zem&vid=03609205913033625206452273000V10&vsid=3033625206452273000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:01 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=GvScvJFUp3o-eUPmKTpQ&refUrl=&type=zem&vid=03609205913033625206452273000V10&vsid=3033625206452273000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
um
cs.emxdgt.com/ Frame 895F
0
66 B
Image
General
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Demx%26refUrl%3D%26vid%3D03609205913033625206452273000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.123.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-123-47.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4D32
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Aug 2022 03:22:00 GMT
pixel.gif
px.moatads.com/ Frame E3B6
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1660360920626&de=233499198672&d=42%3A-%3A-%3A-&bo=onmsft.com&bd=onmsft.com&f=1&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:22:00 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 03:22:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4AD7
43 B
932 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8CNHPMFY4GWJX6R71HX3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 4AD7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6RC0R9W-4-M8UN&sigv=1&esig=2~7a72d59123baeec2be2a61652379c5ad31707f0a
0
47 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6RC0R9W-4-M8UN&sigv=1&esig=2~7a72d59123baeec2be2a61652379c5ad31707f0a
Protocol
H2
Server
2406:2000:a4:9fe::1 , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6RC0R9W-4-M8UN&sigv=1&esig=2~7a72d59123baeec2be2a61652379c5ad31707f0a
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 4AD7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=l-sZCLFrT6yLcOJHEy5bcg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=l-sZCLFrT6yLcOJHEy5bcg
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=l-sZCLFrT6yLcOJHEy5bcg
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
B84NAHTMY508FG1W6PNB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=l-sZCLFrT6yLcOJHEy5bcg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4AD7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEONTCybOP0wRK9NymVTKcOM&google_cver=1
42 B
702 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEONTCybOP0wRK9NymVTKcOM&google_cver=1
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEONTCybOP0wRK9NymVTKcOM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 4AD7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1&gdpr=0&gdpr_consent=&expires=30
42 B
702 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
5e3ed5b16ff95387d0b9d1c5e78ff6a2
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
pixel
cm.g.doubleclick.net/ Frame 4AD7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSQzBSOVctNC1NOFVO
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSQzBSOVctNC1NOFVO
Protocol
H3
Server
216.58.220.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s30-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSQzBSOVctNC1NOFVO
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5e3ed5b16ff95387d0b9d1c5e78ff6a2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 4AD7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6RC0R9W-4-M8UN
0
789 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6RC0R9W-4-M8UN
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D749A4FCFF6D47DB9B8A0048A6A45FA9 Ref B: TYBEDGE0909 Ref C: 2022-08-13T03:22:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-proto
http/2
content-length
0
x-li-uuid
AAXmFuboQ+varnzjYQC5hQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6RC0R9W-4-M8UN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5e3ed5b16ff95387d0b9d1c5e78ff6a2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 4AD7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=L6RC0R9W-4-M8UN&ex=d-rubiconproject.com&status=ok
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=L6RC0R9W-4-M8UN&ex=d-rubiconproject.com&status=ok
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZF3STZ4MJRTM81KNQBQZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=L6RC0R9W-4-M8UN&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Expires
0
dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
pagead2.googlesyndication.com/bg/ Frame FD48
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:03:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
328740
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14301
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 08:03:00 GMT
usersync
usersync.gumgum.com/ Frame 553C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=4764734661110149725
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=4764734661110149725
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:00 GMT
X-Proxy-Origin
217.138.252.170; 217.138.252.170; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1b50fb18-23ce-4f37-8266-6baa6eccc363
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=4764734661110149725
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 553C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_de3429c8-f31c-48ab-bba4-33bfe83a056e&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_de3429c8-f31c-48ab-bba4-33bfe83a056e&gdpr=&gdpr_consent=&us_privacy=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=685831974341956506&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=f5902f6c-8f9b-44bb-af11-1df39412e0e6
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=f5902f6c-8f9b-44bb-af11-1df39412e0e6
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=f5902f6c-8f9b-44bb-af11-1df39412e0e6
Date
Sat, 13 Aug 2022 03:22:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
temp.com/ Frame 553C
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28dMIi38EA75YSj3T9XAFXHHnttqk5hVMNF_xqlib1iehv17u1gVy6p23n3pDKNe2p%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_de3429c8-f31c-48ab-bba4-33bfe83a056e&obuid=ENC(dMIi38EA75YSj3T9XAFXHHnttqk5hVMNF_xqlib1iehv17u1gVy6p23n3pDKNe2p)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • http://temp.com/
0
0

usersync
usersync.gumgum.com/ Frame 553C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=c7e19b23-99c4-4f99-9012-7e51cf51aaf2
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=c7e19b23-99c4-4f99-9012-7e51cf51aaf2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Sat, 13 Aug 2022 03:22:00 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=c7e19b23-99c4-4f99-9012-7e51cf51aaf2
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
usersync.gumgum.com/ Frame 553C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-c3a820f3-63ed-4e0c-6955-4fa59df7242c$ip$217.138.252.170
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-c3a820f3-63ed-4e0c-6955-4fa59df7242c$ip$217.138.252.170
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-c3a820f3-63ed-4e0c-6955-4fa59df7242c$ip$217.138.252.170
Date
Sat, 13 Aug 2022 03:22:01 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 553C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-67jilTNE2peybjpts5sC2HdDS9ZAJFdgk0Iz~A
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-67jilTNE2peybjpts5sC2HdDS9ZAJFdgk0Iz~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Sat, 13 Aug 2022 03:22:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://usersync.gumgum.com/usersync?b=oth&i=y-67jilTNE2peybjpts5sC2HdDS9ZAJFdgk0Iz~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 553C
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=cf0e775b-5b17-4585-bbec-e0582fd9c7ca
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=cf0e775b-5b17-4585-bbec-e0582fd9c7ca
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=cf0e775b-5b17-4585-bbec-e0582fd9c7ca
Date
Sat, 13 Aug 2022 03:22:01 GMT
X-CI-RTID
189c8271-5912-42cd-95be-9b53f9cd748e
Connection
keep-alive
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 553C
0
248 B
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 13 Aug 2022 03:22:00 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
86902480
142
match.deepintent.com/usersync/ Frame 553C
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame 553C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_de3429c8-f31c-48ab-bba4-33bfe83a056e&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=NTOCbqJvHHvAq2ZpOhUX&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVHFIT2DMJYUU5SIJB3EC4JSLJYE62CVLA
  • https://usersync.gumgum.com/usersync?b=zem&i=NTOCbqJvHHvAq2ZpOhUX
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=NTOCbqJvHHvAq2ZpOhUX
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
P3p
CP="We do not support P3P header."
Location
https://usersync.gumgum.com/usersync?b=zem&i=NTOCbqJvHHvAq2ZpOhUX
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 553C
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=c8461c9a-9d8c-4442-b5f7-9da8e522489f
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=c8461c9a-9d8c-4442-b5f7-9da8e522489f
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=c8461c9a-9d8c-4442-b5f7-9da8e522489f
date
Sat, 13 Aug 2022 03:22:01 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cksync.php
contextual.media.net/ Frame 553C
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6656858930
  • https://sync.1rx.io/usersync/tradedesk/1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
  • https://sync.targeting.unrulymedia.com/csync/RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=r1&refUrl=&vid=03609205913033625206452273000V10&ovsid=RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004
45 B
470 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=r1&refUrl=&vid=03609205913033625206452273000V10&ovsid=RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:01 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=r1&refUrl=&vid=03609205913033625206452273000V10&ovsid=RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004
date
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX9514fee7cf214d058d96b1a5f70007c4004
content-type
text/html
usersync
usersync.gumgum.com/ Frame 553C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=tzPZ3lY2JT5A&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=tzPZ3lY2JT5A&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
jp-JP
location
https://usersync.gumgum.com/usersync?b=pln&i=tzPZ3lY2JT5A&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-795bb79696-rr26j
expires
-1
usersync
usersync.gumgum.com/ Frame 553C
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=4960241744634227040
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=4960241744634227040
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=4960241744634227040
date
Sat, 13 Aug 2022 03:22:00 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 553C
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=a_de3429c8-f31c-48ab-bba4-33bfe83a056e
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
4J6JEBSJR1CPD5DZB5PW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 6979
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f20b44f4c11af710237c278ab58ad01bfe9dfc72f62131392dc7c391a9d35a64

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 03:22:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70533
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9452
Expires
Sat, 13 Aug 2022 22:57:33 GMT
usync.js
eus.rubiconproject.com/ Frame 07E0
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f20b44f4c11af710237c278ab58ad01bfe9dfc72f62131392dc7c391a9d35a64

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 03:22:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70533
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9452
Expires
Sat, 13 Aug 2022 22:57:33 GMT
ecm3
s.amazon-adsystem.com/ Frame 370F
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=680a432e-ad7b-cc35-3767-ec2b6f326054
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
FA2G2X4X1SH5ZHNRV4DT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
a41b5917-217d-e586-c6be-7849f85666fd
pr-bh.ybp.yahoo.com/sync/openx/ Frame 370F
43 B
989 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/a41b5917-217d-e586-c6be-7849f85666fd?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:929:5a00:db9b:193f:ae4:db25 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
openx
cs.nex8.net/cs/ Frame 370F
0
0

dds
rtb.openx.net/sync/ Frame 370F
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=74q1bxhXzuERHSIL1BiRDg==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
blfoctiisa8u3tr7k9arih69oupn0ovf

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
jp-u.openx.net/w/1.0/ Frame 370F
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&uid-set=1
  • https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dopenx%26uid%2Dset%3D1%26auid%3D
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&uid-set=1&auid=e9396891-64a8-44bc-bba9-98c1827fb078
  • https://jp-u.openx.net/w/1.0/sd?id=537072588&val=gB9Y-oHxHhy-l
43 B
61 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072588&val=gB9Y-oHxHhy-l
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Server
nginx
Location
https://jp-u.openx.net/w/1.0/sd?id=537072588&val=gB9Y-oHxHhy-l
Cache-Control
no-store,no-cache
Connection
close
Content-Length
0
expires
-1
sd
jp-u.openx.net/w/1.0/ Frame 370F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://jp-u.openx.net/w/1.0/sd?id=536872786&val=c02b62f7-18d8-4b00-b88a-52a4b056996c
43 B
61 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=c02b62f7-18d8-4b00-b88a-52a4b056996c
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 13 Aug 2022 03:22:00 GMT
Server
MT3 4475 c1dc35a master hkg-pixel-x5 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=c02b62f7-18d8-4b00-b88a-52a4b056996c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 13 Aug 2022 03:21:59 GMT
usync.js
eus.rubiconproject.com/ Frame 58AD
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f20b44f4c11af710237c278ab58ad01bfe9dfc72f62131392dc7c391a9d35a64

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 03:22:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70533
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9452
Expires
Sat, 13 Aug 2022 22:57:33 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B25C
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-52-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=29245
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 13 Aug 2022 03:22:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 13 Aug 2022 11:29:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame A38E
4 KB
1 KB
Document
General
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.4.232 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-4-232.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ca09dc0ff75065cb3364174a40a3293d9979980384bbc3e46bbc3ca62a530517

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 13 Aug 2022 03:22:00 GMT
etag
W/"0a1c4d7c212a79bba6e1b6c6b2358cd63"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame A2BD
2 KB
864 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 3655
642 B
744 B
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
74dac8b603fbfb43cc8145c1dfa1c9ef06494a4fc211af7c162c6d543e2e7492

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
642
content-type
text/html
date
Sat, 13 Aug 2022 03:22:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame ADBD
54 B
809 B
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
739e52ea7b571d63-NRT
content-encoding
br
content-type
text/html
date
Sat, 13 Aug 2022 03:22:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBpticG9OgP81f6xhTS24nX5DjQT6ouPOBVSCkjeeZdlsDbVNADiZizx3b%2Bo7UVUHqTKb1uwXhyZrVA4%2BeUCq45dod090gy9K9O7kwnaWGs4AUfaDH8wG2M3G33JMT%2F5c%2BVEgLgerJJ1bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
setuid
x.yieldlift.com/ Frame F88B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L6RC0R9W-4-M8UN&gdpr=0&us_privacy=1YN-
0
570 B
Image
General
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L6RC0R9W-4-M8UN&gdpr=0&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
44.194.177.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-177-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Accept
application/json
Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/json;charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L6RC0R9W-4-M8UN&gdpr=0&us_privacy=1YN-
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Expires
0
sync
ads.servenobid.com/ Frame F88B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=4764734661110149725
0
343 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=312&uid=4764734661110149725
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.189.212.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-189-212-84.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:00 GMT
X-Proxy-Origin
217.138.252.170; 217.138.252.170; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f8f60622-20c9-4297-ba51-35102614c436
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=4764734661110149725
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame F88B
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FIwqCRZHvmIO3p7xTrCEtb3T
0
350 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FIwqCRZHvmIO3p7xTrCEtb3T
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.189.212.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-189-212-84.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FIwqCRZHvmIO3p7xTrCEtb3T
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame F88B
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FIwqCRZHvmIO3p7xTrCEtb3T
0
350 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FIwqCRZHvmIO3p7xTrCEtb3T
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.189.212.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-189-212-84.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Sat, 13 Aug 2022 03:22:01 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FIwqCRZHvmIO3p7xTrCEtb3T
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ads.servenobid.com/ Frame F88B
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiMzBlMDNjMjctNjNkMi00NGI5LTk2MDQtOGM5NTI0Y2VlMDM4IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0xM1QwMzoyMjowMS4zODMyOTdaIn0=
0
431 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiMzBlMDNjMjctNjNkMi00NGI5LTk2MDQtOGM5NTI0Y2VlMDM4IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0xM1QwMzoyMjowMS4zODMyOTdaIn0=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.189.212.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-189-212-84.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiMzBlMDNjMjctNjNkMi00NGI5LTk2MDQtOGM5NTI0Y2VlMDM4IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0xM1QwMzoyMjowMS4zODMyOTdaIn0=
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
cksync.php
contextual.media.net/ Frame F88B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1660360920768
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1126292566
  • https://sync.1rx.io/usersync/tradedesk/1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
  • https://sync.targeting.unrulymedia.com/csync/RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=r1&refUrl=&vid=03609205913033625206452273000V10&ovsid=RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004
45 B
470 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=r1&refUrl=&vid=03609205913033625206452273000V10&ovsid=RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:01 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=r1&refUrl=&vid=03609205913033625206452273000V10&ovsid=RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004
date
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX9514fee7cf214d058d96b1a5f70007c4004
content-type
text/html
sync
ads.servenobid.com/ Frame F88B
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1976306189285439071
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1976306189285439071
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.189.212.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-189-212-84.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1976306189285439071
Date
Sat, 13 Aug 2022 03:22:01 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame F88B
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=9f2dede7-e0a8-416c-bb59-baffdef61b9f
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=332&uid=9f2dede7-e0a8-416c-bb59-baffdef61b9f
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.189.212.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-189-212-84.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-29
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ads.servenobid.com/sync?pid=332&uid=9f2dede7-e0a8-416c-bb59-baffdef61b9f
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
usermatchredir
ssum.casalemedia.com/ Frame F88B
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F240%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D...
43 B
910 B
Image
General
Full URL
https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F240%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Da4e7651c-637e-4eb8-b59d-30a648ca1c4b%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
739e52ef1892affa-NRT
pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzxf%2FZJmKC9gGQMdXKoHKzFEFkAHn3OmMhM5ZoaZpjiWBfS%2FIfZKhxZ4ILMIQqXrpeMYo%2F3yfh8OAjCN3CjcATegiDPJpSQw7h0my6NIsORxL2VgATDEvjacOyciAstaUf0Bj8bG"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

location
https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F240%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Da4e7651c-637e-4eb8-b59d-30a648ca1c4b%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D
date
Sat, 13 Aug 2022 03:22:01 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame F88B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-bPMF8CRE2uF2THiIJjih4uwZaFWjJTDSw57LycI-~A
0
367 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-bPMF8CRE2uF2THiIJjih4uwZaFWjJTDSw57LycI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.189.212.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-189-212-84.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-bPMF8CRE2uF2THiIJjih4uwZaFWjJTDSw57LycI-~A
date
Sat, 13 Aug 2022 03:22:00 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame F88B
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=1e92927f-84d0-dd39-ffb6-b48aee34b56b
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=346&uid=1e92927f-84d0-dd39-ffb6-b48aee34b56b
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.189.212.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-189-212-84.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:06 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=1e92927f-84d0-dd39-ffb6-b48aee34b56b
pragma
no-cache
date
Sat, 13 Aug 2022 03:22:05 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
sync
ads.servenobid.com/ Frame F88B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-bPMF8CRE2uF2THiIJjih4uwZaFWjJTDSw57LycI-~A
0
367 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-bPMF8CRE2uF2THiIJjih4uwZaFWjJTDSw57LycI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.189.212.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-189-212-84.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-bPMF8CRE2uF2THiIJjih4uwZaFWjJTDSw57LycI-~A
date
Sat, 13 Aug 2022 03:22:00 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame EC13
24 B
229 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1b6dfbc0392b3e04e6f10a39a7c097635148b6bc998c13ffbda40d5b3df488c8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
cache-control
private
expires
Thu, 10 Nov 2022 19:07:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
24
content-type
text/html; charset=UTF-8
usersync
usersync.gumgum.com/ Frame 795B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=ba1962f7-18d8-4a00-a053-d0020e80600f&gdpr=&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=ba1962f7-18d8-4a00-a053-d0020e80600f&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 13 Aug 2022 03:22:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 13 Aug 2022 03:22:00 GMT
Expires
Sat, 13 Aug 2022 03:21:59 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4475 c1dc35a master hkg-pixel-x20 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=ba1962f7-18d8-4a00-a053-d0020e80600f&gdpr=&gdpr_consent=
usersync
usersync.gumgum.com/ Frame AF78
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YvcY2AAGBwlDkgAK
  • https://usersync.gumgum.com/usersync?b=atm&i=YvcY2AAGBwlDkgAK&gdpr=&gdpr_consent=&_test=YvcY2AAGBwlDkgAK
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=YvcY2AAGBwlDkgAK&gdpr=&gdpr_consent=&_test=YvcY2AAGBwlDkgAK
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 13 Aug 2022 03:22:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 13 Aug 2022 03:22:00 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=YvcY2AAGBwlDkgAK&gdpr=&gdpr_consent=&_test=YvcY2AAGBwlDkgAK
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-tyo11958-TYO
x-timer
S1660360921.951596,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame BD1F
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9kZTM0MjljOC1mMzFjLTQ4YWItYmJhNC0zM2JmZTgzYTA1NmU=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.220.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s30-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 03:22:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 30F9
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-52-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=29245
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 13 Aug 2022 03:22:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 13 Aug 2022 11:29:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 9673
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 13 Aug 2022 03:22:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Sat, 13 Aug 2022 03:22:00 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
um
cs.emxdgt.com/ Frame EC2A
0
67 B
Document
General
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.123.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-123-47.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Sat, 13 Aug 2022 03:22:01 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame 9A8B
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=YvcY2MCo8X4AAMgoXUsAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=YvcY2MCo8X4AAMgoXUsAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 13 Aug 2022 03:22:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 13 Aug 2022 03:22:00 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=YvcY2MCo8X4AAMgoXUsAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
41
X-SO-Cluster-ID
48
X-SO-HostName
a-ad40054.dc2p.scaleout.jp
X-SO-IP
217.138.252.170
X-SO-Key
YvcY2MCo8X4AAMgoXUsAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":48,"gdpr":false,"ipv4":"217.138.252.170","key":"YvcY2MCo8X4AAMgoXUsAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40054"}
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40054
usersync
usersync.gumgum.com/ Frame D3DB
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=UOmxQYPAALeX7gjU01xi&pi=gumgum&tc=1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=UOmxQYPAALeX7gjU01xi&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 13 Aug 2022 03:22:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 13 Aug 2022 03:22:01 GMT Sat, 13 Aug 2022 03:22:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=UOmxQYPAALeX7gjU01xi&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 7518
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Aug 2022 03:22:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 13 Aug 2022 03:22:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame 0E0B
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:52:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
329366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:52:34 GMT
cksync.php
contextual.media.net/ Frame 07E0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L6RC0R9W-4-M8UN
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L6RC0R9W-4-M8UN
45 B
451 B
Image
General
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L6RC0R9W-4-M8UN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:01 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L6RC0R9W-4-M8UN
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Expires
0
usersync
usersync.gumgum.com/ Frame A38E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=4764734661110149725
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=4764734661110149725
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
X-Proxy-Origin
217.138.252.170; 217.138.252.170; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9494528c-03e9-43e2-89a0-27bd8087ebb9
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=4764734661110149725
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame A38E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_de3429c8-f31c-48ab-bba4-33bfe83a056e&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2285538726722248733&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=f5902f6c-8f9b-44bb-af11-1df39412e0e6
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=f5902f6c-8f9b-44bb-af11-1df39412e0e6
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=f5902f6c-8f9b-44bb-af11-1df39412e0e6
Date
Sat, 13 Aug 2022 03:22:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame A38E
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%287dTFBhx3ZBoZuGxwwiMjrO5UcvAIZxoFkBCI4rcVbiwDsAlk6pWFxET5_7LgOVow%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_de3429c8-f31c-48ab-bba4-33bfe83a056e&obuid=ENC(7dTFBhx3ZBoZuGxwwiMjrO5UcvAIZxoFkBCI4rcVbiwDsAlk6pWFxET5_7LgOVow)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5...
  • https://sync.outbrain.com/cookie-sync?p=smart&uid=4960241744634227040&obUid=7dTFBhx3ZBoZuGxwwiMjrO5UcvAIZxoFkBCI4rcVbiwDsAlk6pWFxET5_7LgOVow&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=smart&uid=4960241744634227040&obUid=7dTFBhx3ZBoZuGxwwiMjrO5UcvAIZxoFkBCI4rcVbiwDsAlk6pWFxET5_7LgOVow&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
38.133.127.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 03:22:02 GMT
Cache-Control
no-cache
X-TraceId
525c321f61ad38de9b71d184a5ac43a4
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=smart&uid=4960241744634227040&obUid=7dTFBhx3ZBoZuGxwwiMjrO5UcvAIZxoFkBCI4rcVbiwDsAlk6pWFxET5_7LgOVow&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
date
Sat, 13 Aug 2022 03:22:01 GMT
content-length
0
usersync
usersync.gumgum.com/ Frame A38E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=c7e19b23-99c4-4f99-9012-7e51cf51aaf2
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=c7e19b23-99c4-4f99-9012-7e51cf51aaf2
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Sat, 13 Aug 2022 03:22:00 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=c7e19b23-99c4-4f99-9012-7e51cf51aaf2
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
usersync.gumgum.com/ Frame A38E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-f31f7f4c-6281-4bf8-4cc4-6126294317d2$ip$217.138.252.170
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-f31f7f4c-6281-4bf8-4cc4-6126294317d2$ip$217.138.252.170
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-f31f7f4c-6281-4bf8-4cc4-6126294317d2$ip$217.138.252.170
Date
Sat, 13 Aug 2022 03:22:01 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame A38E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-67jilTNE2peybjpts5sC2HdDS9ZAJFdgk0Iz~A
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-67jilTNE2peybjpts5sC2HdDS9ZAJFdgk0Iz~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Sat, 13 Aug 2022 03:22:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://usersync.gumgum.com/usersync?b=oth&i=y-67jilTNE2peybjpts5sC2HdDS9ZAJFdgk0Iz~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame A38E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=12555789-e34f-4b1b-9d3d-a08d66fcdb47
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=12555789-e34f-4b1b-9d3d-a08d66fcdb47
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=12555789-e34f-4b1b-9d3d-a08d66fcdb47
Date
Sat, 13 Aug 2022 03:22:01 GMT
X-CI-RTID
57ec84df-07ef-44d8-8e29-d41b51a31f5f
Connection
keep-alive
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame A38E
0
292 B
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
1030545273
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame A38E
0
39 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame A38E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_de3429c8-f31c-48ab-bba4-33bfe83a056e&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=o544vs0B1ldF4SvIuohK&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23ZVGQ2HM4ZQIIYWYZCGGRJXMSLVN5UEW...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=o544vs0B1ldF4SvIuohK&us_privacy=1---
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=o544vs0B1ldF4SvIuohK&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
P3p
CP="We do not support P3P header."
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=o544vs0B1ldF4SvIuohK&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame A38E
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=c8461c9a-9d8c-4442-b5f7-9da8e522489f
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=c8461c9a-9d8c-4442-b5f7-9da8e522489f
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=c8461c9a-9d8c-4442-b5f7-9da8e522489f
date
Sat, 13 Aug 2022 03:22:01 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cksync.php
contextual.media.net/ Frame A38E
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8611154134
  • https://sync.1rx.io/usersync/tradedesk/1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
  • https://sync.targeting.unrulymedia.com/csync/RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=r1&refUrl=&vid=03609205913033625206452273000V10&ovsid=RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004
45 B
470 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=r1&refUrl=&vid=03609205913033625206452273000V10&ovsid=RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 13 Aug 2022 03:22:01 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=r1&refUrl=&vid=03609205913033625206452273000V10&ovsid=RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004
date
Sat, 13 Aug 2022 03:22:01 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX9514fee7cf214d058d96b1a5f70007c4004
content-type
text/html
usersync
usersync.gumgum.com/ Frame A38E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=mIq75Rb5fCOf&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=mIq75Rb5fCOf&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
jp-JP
location
https://usersync.gumgum.com/usersync?b=pln&i=mIq75Rb5fCOf&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
usersync
usersync.gumgum.com/ Frame A38E
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=4960241744634227040
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=4960241744634227040
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=4960241744634227040
date
Sat, 13 Aug 2022 03:22:00 GMT
content-length
0
sync
ads.servenobid.com/ Frame A38E
0
357 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_de3429c8-f31c-48ab-bba4-33bfe83a056e
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.189.212.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-189-212-84.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 7518
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f20b44f4c11af710237c278ab58ad01bfe9dfc72f62131392dc7c391a9d35a64

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 03:22:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70533
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9452
Expires
Sat, 13 Aug 2022 22:57:33 GMT
moatvideoanalytics.js
s.yimg.com/cv/apiv2/ade/moat/ Frame E3B6
2 KB
2 KB
Script
General
Full URL
https://s.yimg.com/cv/apiv2/ade/moat/moatvideoanalytics.js?_=20210831122852
Requested by
Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.82/0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:a4:9fe::1 , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
e59e33795d6b3af925607e1a87b8f280a08403444254087375f86c6342415fec
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 05:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
684538
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
x-amz-request-id
9C1QXQ5J1BAN9XC6
x-amz-id-2
R3g4N0dgA+CUt6aveoWjM9dPrckkbHLFJmlloRc+4cBkvYnZb+/z7QZuz6wuO3NQ56dlS3TH+RQ=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 31 Aug 2021 19:28:12 GMT
server
ATS
etag
"6925a11d236b11c3f082d21c1e61bdfa-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
accept-ranges
bytes
ad-engine-response.gif
trk.vidible.tv/trk/ Frame 21C0
0
66 B
Image
General
Full URL
https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=56bcd17ce4b018167fea5539&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.onmsft.com&s=true&sid=0536cf9d-89ad-4794-805c-b78387c7a119&vvuid=d6d6736e-3c91-4630-938e-ee87fa56677d&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=452&aert=309&ar=yes&fo=1&ft=0&h=254&cb=0.5770767523306899
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.103.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-103-248.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
impression.gif
trk.vidible.tv/trk/ Frame 21C0
0
66 B
Image
General
Full URL
https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=56bcd17ce4b018167fea5539&s=true&pv=10.2.82&ifr=true&cb=0.3918134286042574&pt=o2unit&sid=0536cf9d-89ad-4794-805c-b78387c7a119&r=https%3A%2F%2Fwww.onmsft.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.103.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-103-248.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame B368
44 KB
16 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js
Requested by
Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.82/0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae5abaefaef0198f01e75af0e5578966d6bec8039284cb1247148e37ecfe4fb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:17:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
268
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16251
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 18:37:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Sat, 13 Aug 2022 03:32:32 GMT
usersync
usersync.gumgum.com/ Frame B367
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=e3a462f7-18d8-4000-8222-2d03a6456a3e&gdpr=0&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=e3a462f7-18d8-4000-8222-2d03a6456a3e&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 13 Aug 2022 03:22:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 13 Aug 2022 03:22:00 GMT
Expires
Sat, 13 Aug 2022 03:21:59 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4475 c1dc35a master hkg-pixel-x18 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=e3a462f7-18d8-4000-8222-2d03a6456a3e&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame F959
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YvcY2AAGB6JGTAAK
  • https://usersync.gumgum.com/usersync?b=atm&i=YvcY2AAGB6JGTAAK&gdpr=0&gdpr_consent=&_test=YvcY2AAGB6JGTAAK
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=YvcY2AAGB6JGTAAK&gdpr=0&gdpr_consent=&_test=YvcY2AAGB6JGTAAK
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 13 Aug 2022 03:22:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 13 Aug 2022 03:22:01 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=YvcY2AAGB6JGTAAK&gdpr=0&gdpr_consent=&_test=YvcY2AAGB6JGTAAK
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-tyo11958-TYO
x-timer
S1660360921.055277,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 8032
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9kZTM0MjljOC1mMzFjLTQ4YWItYmJhNC0zM2JmZTgzYTA1NmU=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.220.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s30-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 03:22:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2F14
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-52-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=29245
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 13 Aug 2022 03:22:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 13 Aug 2022 11:29:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 574A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 13 Aug 2022 03:22:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Sat, 13 Aug 2022 03:22:00 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
um
cs.emxdgt.com/ Frame DC80
0
66 B
Document
General
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.123.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-123-47.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Sat, 13 Aug 2022 03:22:01 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame 2211
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=YvcY2MCo8X4AAMgoXUsAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=YvcY2MCo8X4AAMgoXUsAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 13 Aug 2022 03:22:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 13 Aug 2022 03:22:00 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=YvcY2MCo8X4AAMgoXUsAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
12
X-SO-Cluster-ID
48
X-SO-HostName
a-ad40054.dc2p.scaleout.jp
X-SO-IP
217.138.252.170
X-SO-Key
YvcY2MCo8X4AAMgoXUsAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":48,"gdpr":false,"ipv4":"217.138.252.170","key":"YvcY2MCo8X4AAMgoXUsAAAAA","privacy_sensitive":false,"uid":"YvcY2MCo8X4AAMgoXUsAAAAA","upstream_id":"a-ad40054"}
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
X-SO-UID
YvcY2MCo8X4AAMgoXUsAAAAA
X-SO-Upstream-ID
a-ad40054
usersync
usersync.gumgum.com/ Frame C2AC
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=UOmxQYPAALeX7gjU01xi&pi=gumgum&tc=1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=UOmxQYPAALeX7gjU01xi&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 13 Aug 2022 03:22:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 13 Aug 2022 03:22:01 GMT Sat, 13 Aug 2022 03:22:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=UOmxQYPAALeX7gjU01xi&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame B388
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Aug 2022 03:22:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 13 Aug 2022 03:22:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync
ads.servenobid.com/ Frame 3655
0
343 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=317&uid=4960241744634227040&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.189.212.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-189-212-84.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3655
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDk2MDI0MTc0NDYzNDIyNzA0MA==&gdpr=0&gdpr_consent=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDk2MDI0MTc0NDYzNDIyNzA0MA==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Server
216.58.220.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s30-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDk2MDI0MTc0NDYzNDIyNzA0MA==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync
odr.mookie1.com/t/v2/ Frame 3655
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f5902f6c-8f9b-44bb-af11-1df39412e0e6&ssp=smartadserver&gdpr=0&gdpr_consent=
43 B
639 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f5902f6c-8f9b-44bb-af11-1df39412e0e6&ssp=smartadserver&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.202.227.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f5902f6c-8f9b-44bb-af11-1df39412e0e6&ssp=smartadserver&gdpr=0&gdpr_consent=
Date
Sat, 13 Aug 2022 03:22:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 3655
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=5e1b9faa-bfbb-4cf0-9fd1-403fe2974a7d&gdpr=0&gdpr_consent=
43 B
516 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=5e1b9faa-bfbb-4cf0-9fd1-403fe2974a7d&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=5e1b9faa-bfbb-4cf0-9fd1-403fe2974a7d&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 3655
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=ORk16T4TN-ciGWHmbEp-7j0eMO4iTmrqaR29d3Di
43 B
520 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=ORk16T4TN-ciGWHmbEp-7j0eMO4iTmrqaR29d3Di
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=ORk16T4TN-ciGWHmbEp-7j0eMO4iTmrqaR29d3Di
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 08FD
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=1b05fc73-f7eb-43b3-b201-34dc890c1fbc
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
G5GX2GG7YQ4SRRS6QV7D
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 08FD
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=4764734661110149725
68 B
278 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=4764734661110149725
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.254.33.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-33-203.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
X-Proxy-Origin
217.138.252.170; 217.138.252.170; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2687e011-80c8-429d-8d27-bac92080d62c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=4764734661110149725
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 08FD
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1&gdpr=0&gdpr_consent=
68 B
278 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.254.33.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-33-203.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame 08FD
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1&gdpr=0&gdpr_consent=
68 B
278 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.254.33.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-33-203.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame 08FD
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://b1sync.zemanta.com/usersync/sharethrough/
  • https://stags.bluekai.com/site/23178?id=2mBIJSipobBfkwaONTAX&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZZW65LSMNSV62LEHVQTOOJTGUZTANJYGE2GMODDGVSTE...
  • https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=2mBIJSipobBfkwaONTAX
68 B
278 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=2mBIJSipobBfkwaONTAX
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.254.33.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-33-203.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
P3p
CP="We do not support P3P header."
Location
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=2mBIJSipobBfkwaONTAX
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
136
Expires
Thu, 01 Dec 1994 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 09A7
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=gbd9b0034da2271aad90
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
FZJT95WHSZKZ2FR28ZVJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 09A7
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?&ssp=yieldmo
  • https://rtb.mfadsrvr.com/ul_cb/sync?&ssp=yieldmo
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=1cc0970c-2451-456c-8b60-71b9d375677d&gdpr=&gdpr_pd=&gdpr_consent=
43 B
562 B
Image
General
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=1cc0970c-2451-456c-8b60-71b9d375677d&gdpr=&gdpr_pd=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.76.200.167 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-200-167.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 13 Aug 2022 03:22:02 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/v000/sync?pn_id=mf&userid=1cc0970c-2451-456c-8b60-71b9d375677d&gdpr=&gdpr_pd=&gdpr_consent=
Date
Sat, 13 Aug 2022 03:22:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sync
ads.yieldmo.com/ Frame 09A7
Redirect Chain
  • https://yieldmo-match.dotomi.com/match/bounce/current?&networkId=42851&version=1
  • https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=681a59e96b12025&is_secure=true&=&networkId=42851&version=1
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AAAGpzHOd238hgNA-yQ9AAAAAAA&expiration=1660447321&=&is_secure=true
43 B
446 B
Image
General
Full URL
https://ads.yieldmo.com/sync?pn_id=eps&id=AAAGpzHOd238hgNA-yQ9AAAAAAA&expiration=1660447321&=&is_secure=true
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.76.200.167 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-200-167.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://ads.yieldmo.com/sync?pn_id=eps&id=AAAGpzHOd238hgNA-yQ9AAAAAAA&expiration=1660447321&=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ads.yieldmo.com/v000/ Frame 09A7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g6dadd510c8b21ad617b
  • https://ads.yieldmo.com/v000/sync?tdid=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
43 B
334 B
Image
General
Full URL
https://ads.yieldmo.com/v000/sync?tdid=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.76.200.167 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-200-167.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
181
sync
ib.adnxs.com/&https://ads.yieldmo.com/v000/ Frame 09A7
Redirect Chain
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=4764734661110149725&pn_id=an
0
599 B
Image
General
Full URL
https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=4764734661110149725&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
X-Proxy-Origin
217.138.252.170; 217.138.252.170; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0ad7e5b2-9926-4750-8f59-ae764d055c60
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
X-Proxy-Origin
217.138.252.170; 217.138.252.170; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
285d599a-3760-4783-9a91-5a3a5485a33d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
&https://ads.yieldmo.com/v000/sync?userid=4764734661110149725&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 09A7
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=yieldmo_dbm&google_hm=ZzU0Mzc2OTk3NzI4NDU0ZTE0MjU=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.220.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s30-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame B388
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f20b44f4c11af710237c278ab58ad01bfe9dfc72f62131392dc7c391a9d35a64

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 03:22:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70533
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9452
Expires
Sat, 13 Aug 2022 22:57:33 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=340891715&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.onmsft.com%2F&ul=en-us&de=UTF-8&dt=Latest%20News%20-%20OnMSFT.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1a9p1wo&_u=6HDAAEABAAAAAC~&jid=&gjid=&cid=1533648303.1660360917&tid=UA-71939551-1&_gid=1852828179.1660360917&gtm=2wg880WKG65QB&cd5=Kip%20Kniskern&cd7=December%2029%2C%202021&cd8=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F3vjoryfbqq%2F1y5l59l%2F1a9p1wo&z=1405852863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 09:02:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
65970
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
moatvideo.js
z.moatads.com/verizonmediasspvideo234910527399/ Frame E3B6
340 KB
113 KB
Script
General
Full URL
https://z.moatads.com/verizonmediasspvideo234910527399/moatvideo.js
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/cv/apiv2/ade/moat/moatvideoanalytics.js?_=20210831122852
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fee2a89f0d42be4c4e87d9f57e97328973edf2ee4f5afc0b9cc314ba4610e6ac

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
content-encoding
gzip
last-modified
Thu, 04 Aug 2022 15:37:25 GMT
server
AmazonS3
x-amz-request-id
CJKNTS6HM23H2J0H
etag
"49350a438025e95e1cf96d4a101e8421"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=15569
accept-ranges
bytes
content-length
114915
x-amz-id-2
GmBXbMgyV7HOXIzPxZjwRUv2ABqkC33Kas9McnQxFmE4ebO/rku2khnom2UFJmMpPAhYCagTw0Q=
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B368
375 KB
125 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
603db0f6c2713ca7a57c9091bf85634c48fb5cabcb99cb718a8cbfefb0631f7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127744
x-xss-protection
0
expires
Sat, 13 Aug 2022 03:22:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B368
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init&vps=0.3758037471945834&wt=1660360920960&sdkv=h.3.524.0&xai=AKAOjsuWgbkZY1vz1-2rEUEaLtyU9H34ktfzELFe_6QNg1mrUNE65c-UkuXKXuBIddrEtwEyR4DUObd7f_E04k7ySO4yHmb-pQxy7asq5sqfHkIzTNV__vJjsf4k9nZENBjn57tLUJkM3bqMa6-YPyeJWMlbcONGyuyKLooud1c9TriVkw1dyhuEEGrGhnCokNeC8QL-C9OqBF5UVa7-Vxi0SNVxTj_SOS8sE8aNZfgAOVG1Az2XbnFsnQcz6TY2aMtUAGeLrJZXHPWfVYcsG__1Opr2tRlI3yDZilvJxoorCFIoLR7QXLy7Qb2dU_ot9k5D1KA5m12G_FnvOhK8IUumsPAmpvmLPLi0p-B17Yjx5P3o1CBPlS2OOY2v2XxcI_vRCmaSOH0Er7VLp80QSGx0JPRbxS7WXD3vgC9NUfFt9nc2MQ0QsJzY93cJl_ZVAnAqcVBm5NPLLEvgdx3G6E532B9diqm4mMdKV5bsros1TBrWBpIDXUznQsbeUx68rm6zC-QZn6FRzZa2zsUAp10jLraIQsgBbBjp1VZsAwZzJaQzx2Cbmy0UIcfTynU4iJclvttrMJLm08MZjm5QfKUePaYLZad_U00SBq9YphhCFf1vWbL_b_hXYqsBtgja7p8acBKsWIdfm952FTxthC0FHksiY2ZCsnlMZODMr5clmIvcrh5slR_4sEPBrSDzcsTPlExr6LsIwfDDcLe04RLfLiFIqyM-arDu6EpxSWL5jFm7XArhE9c3P96_xWzJdy8E4rVp5F0ZDVIpJ_lTFZBGdnBCSxGeGqBwQwkXqgar2qUGrBfW9UHaciL9gkltbv3yD6YgrUAhO60sGWx5IHN-X1m-60PDc7hrVOrjcgylK-atb3IhOXlF1vh6y0KzsOoG2gjI6iS_aa6TwlD4jjPtrx4daMl3ZWYTCCH8QZyQQqp6IDFPkpah50fVEWX4q-oi8iABCVtYVF3h3mEDw9L9BL9xekbV0YlbQSqq6XOHtmgb_CC9Q0YRQjCc40O1xdeyu5i68bxnTL7_xRg_wZss3xeozstcdhG9MnZ1KFWosnU1MTTO3jomD5Hp_uE4_Ers9TAjX-evuGViGCAcZL3wVmTeZFi9LKugsL4ksfm2Io0i0g3WrEyZpFMxornRfEuXWPZBUBomqe4G_FyTGAltjCdaei9WyfITMa1kFbn2rtVaPTYpI9RxzlKyET70uySz1DRA72qY36u9WOpeEGnlRzKq0o1DMf8PWDO_20bGOMGdZqPlmHFB9I0EbQRNSYP-Ds5AYMyr&aid=533015161&len=00%3A00%3A06&url=2,https%3A%2F%2Fwww.onmsft.com%2F$0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
c21lg-d.media.net/ Frame 895F
35 B
194 B
Image
General
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=b23f748b-8065-45fe-845e-093915585f96&cs=15&vsid=3033625206452273000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sat, 13 Aug 2022 03:22:01 GMT
log
c21lg-d.media.net/ Frame 9D07
35 B
194 B
Image
General
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=b23f748b-8065-45fe-845e-093915585f96&cs=15&vsid=3033625206452273000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sat, 13 Aug 2022 03:22:01 GMT
usersync
usersync.gumgum.com/ Frame B388
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L6RC0R9W-4-M8UN
  • https://usersync.gumgum.com/usersync?b=mag&i=L6RC0R9W-4-M8UN
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=L6RC0R9W-4-M8UN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usersync.gumgum.com/usersync?b=mag&i=L6RC0R9W-4-M8UN
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
5e3ed5b16ff95387d0b9d1c5e78ff6a2
Expires
0
n.js
geo.moatads.com/ Frame E3B6
98 B
270 B
Script
General
Full URL
https://geo.moatads.com/n.js?e=35&ol=1314433452&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VC4NafZqZuc7FwBUS30oB3JRuQXyveKl6wFbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-nFmOVythgEwLgg%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=452&qe=254&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=VERIZON_SSP_VIDEO1&hp=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=1&nh=1&j=https%3A%2F%2Fwww.onmsft.com&lp=https%3A%2F%2Fwww.onmsft.com&t=1660360921040&de=597303311449&m=0&ar=1da355aa18f-clean&iw=acdcd33&q=2&cb=0&ym=0&cu=1660360921040&ll=2&lm=1&ln=1&em=0&en=0&d=55023%3A13614%3A13614%3Ahttps_%2F%2Fwww.onmsft.com%2F&zMoatParams=tidi%3D770912229%26dcn%3D8a969574017b7be07f13e163c6300030%26posi%3D1575335%26uid%3Dy-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%257EA%26xdi%3DPz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.%26xoi%3DMHxKUE4.%26b%3DMTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.%26a%3D41e73af2-cc6b-4015-b992-d89d96f3a508%26rts%3D1660360917649&zGSRC=1&gu=https%3A%2F%2Fwww.onmsft.com%2F&id=0&ii=3&bo=354614&bd=1575335&zMoatOrigSlicer1=354614&zMoatOrigSlicer2=1575335&gw=verizonmediasspvideo234910527399&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A53%3A52&jm=-1&fs=199703&na=854756496&cs=0&ord=1660360921040&jv=544129082&callback=DOMlessLLDcallback_73275128
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/verizonmediasspvideo234910527399/moatvideo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.69.163 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-69-163.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
2f4f9257b7d9a2cc7a5cb1654fa226ba27ee393bbaaf481a7f14607ce03b8c3c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"aa90b757843e06ba5cbf3fb2b6db2cc5034e88ac"
content-length
98
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame E3B6
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=VERIZON_SSP_VIDEO1&hp=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=1&nh=1&j=https%3A%2F%2Fwww.onmsft.com&lp=https%3A%2F%2Fwww.onmsft.com&t=1660360921040&de=597303311449&m=0&ar=1da355aa18f-clean&iw=acdcd33&q=3&cb=0&ym=0&cu=1660360921040&ll=2&lm=1&ln=1&em=0&en=0&d=55023%3A13614%3A13614%3Ahttps_%2F%2Fwww.onmsft.com%2F&zMoatParams=tidi%3D770912229%26dcn%3D8a969574017b7be07f13e163c6300030%26posi%3D1575335%26uid%3Dy-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%257EA%26xdi%3DPz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.%26xoi%3DMHxKUE4.%26b%3DMTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.%26a%3D41e73af2-cc6b-4015-b992-d89d96f3a508%26rts%3D1660360917649&zGSRC=1&gu=https%3A%2F%2Fwww.onmsft.com%2F&id=0&ii=3&bo=354614&bd=1575335&zMoatOrigSlicer1=354614&zMoatOrigSlicer2=1575335&gw=verizonmediasspvideo234910527399&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A53%3A52&jm=-1&fs=199703&na=1724790130&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:22:01 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 03:22:01 GMT
/
sync.richaudience.com/74889303289e27f327ad0c6de7be7264/ Frame 527A
95 B
159 B
Document
General
Full URL
https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?p=1BTOoaD22a&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Drichaudience%26uid%3D[PDID]
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-type
image/png
date
Sat, 13 Aug 2022 03:22:01 GMT
server
nginx/1.14.2
bridge3.524.0_en.html
imasdk.googleapis.com/js/core/ Frame 8C2A
635 KB
205 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.524.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d0b5a63ca5e36540e2628599ba666ef0ac2bd34f8ea5f25c9a51b0e4c72fed2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.playwire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
10574
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210237
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 00:25:47 GMT
expires
Sun, 13 Aug 2023 00:25:47 GMT
last-modified
Mon, 08 Aug 2022 18:34:29 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame B368
44 KB
16 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Aug 2022 03:22:01 GMT
integrator.js
adservice.google.com/adsid/ Frame B368
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.playwire.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:22:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD48
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BT7k32Bj3YtfpCIHkqQGRi4QgAAAAADgB4AQC&bg=!JSalJmLNAAa4hXTbmIU7ACkAdvg8WmPjS2V_dAvJAJ43saEVwR1lglMjW39tLO_V0A8lFwHnSYH6pQIAAAFuUgAAAAFoAQeZA0sxYUockc6w8_WFimIqu63CANCYEaU74ZazXdTJMazWEdYThgimuFpzF8Sz4Ozn16_urRtO5iSMTGClluCwJBROkUE-lG8XbX9boYTftprwgUmc4PpYKdO0fwQbMPhDgK49oGguMfOO8P0npnxVToaAc81YtisAbYMBDzCZea1duH75BnqGKwW3XddWkoA0O2hZpBpUIJlfYHjuaUNlbN-1IKCHkMgogFr5lAq97DUMr88PTsJyrfxke9ONT3lW5WeKx29u4Kd9dAt3GWIfUKVhs4jL31Xs8-_KmePnTClodVLsSyucx9odt79YDBimzJVcRyZgxY4sB8gHcIzcl0knWuu4fQ6HQywsc52Fh5jA5px_Whdf4O88OsLLDqAyBeorVCFjndkr6xUzZkj5LqF3_-19D7qsfuMRWfiEeImTB4qzKbjcBiiuBAE0hsbSajYW79xUKcp0xhK4yTFxp1wNjNFDA1JxH2dzknLgD4DE6Fjpiet1aAWqtNw40giiR8tRI7T8tC2JLfXGMfvgXRdqDXjiGyr9LYOcjJKTDRVVzzAkHg_zuklNRjBtSTIZ30HUNYRBsIEWzlldKSE-DaYZ8R-kdTDiBoOVJVlhkIBFzu-u7Ko2mcNCijzbKl045xrZmyLnK28R1piLs3HL3L_yWvYyfeXWOGDNvuAUHhkTIxeAwKgcRQ-8gigNKnU14xDkH8QvbqiNWmxMUc9N0yap1dTdyoaNLovUSM1UbJUKshKlfliy7Q7nlqRgE3WnPsA-rg191VODA43b_-Mmk-umNeAIfnhpnxscRwIOBgr4jc59UFcZ9lNGW52gQxMxVcGjyDQjW9_gm17ZroTdmY9TaBk7tL1s5zQpw6wVCujD3ZzLJXl5MaXMy1MQiTgSmrJVVqC8ZFRJK7GZqPQ0VEKqCjRNwKOT1xTFVop3WFweYR2xowFjFCTF6Pn3oWXoMOA1l9dVnr9ZcHh2GejCu-cYFYJb1dcVD9o1M3W1n9lkz7g-_Alr_Y_eTMdwoOVD0BXcAqI5DZJyuhq11Qokkq0xF_5UFiPnK4K1Fzl5a1NmlofYUotSv1gdXMCvaPMZlN3HOXK0hfukaLBsb42r9hGWBmiIYC1k2XGqxvc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1236
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b625b3191eea0929d0f20fffd7ea8199fd3f80407b0738dabeab289f49a4522c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 02:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12926
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 21:40:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 13 Aug 2022 03:35:41 GMT
ad-engine-flow.gif
trk.vidible.tv/trk/ Frame 21C0
0
66 B
Image
General
Full URL
https://trk.vidible.tv/trk/ad-engine-flow.gif?bcid=56bcd17ce4b018167fea5539&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.onmsft.com&s=true&sid=0536cf9d-89ad-4794-805c-b78387c7a119&vvuid=d6d6736e-3c91-4630-938e-ee87fa56677d&at=preroll&adIdx=1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=452&crt=VPAID%20application%2Fjavascript&stg=loaded&aid=533015161&al=6&ap=true&cpm=0&h=254&m=true&ltc=309&p.vw.active=1&p.vw.sound=0&vwa=100&vwm=0&cb=0.44983047473717774
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.103.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-103-248.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ad-engine-flow.gif
trk.vidible.tv/trk/ Frame 21C0
0
66 B
Image
General
Full URL
https://trk.vidible.tv/trk/ad-engine-flow.gif?bcid=56bcd17ce4b018167fea5539&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.onmsft.com&s=true&sid=0536cf9d-89ad-4794-805c-b78387c7a119&vvuid=d6d6736e-3c91-4630-938e-ee87fa56677d&at=preroll&adIdx=1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=452&crt=VPAID%20application%2Fjavascript&stg=win&aid=533015161&al=6&ap=true&cpm=0&h=254&m=true&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=0&cb=0.8056127845072578
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.103.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-103-248.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
csi
csi.gstatic.com/ Frame 8C2A
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l6rc0u50&c=1625187436481&slotId=812593718240.5&fb=ima_html5-lima&sdkv=h.3.524.0%2Fvpaid_adapter&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=3.0&vmfc=12&vhc=0&ghmsh_eids=44754420%2C44760950%2C44762904%2C44765701%2C44767130
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.524.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4007:809::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame B368
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l6rc0u26&c=1625187436481&slotId=812593718240.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4007:809::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
48
r4---sn-oguesn6d.c.2mdn.net/videoplayback/id/ffb9dc06f5c3e529/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3801746010/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame E3B6
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/ffb9dc06f5c3e529/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3801746010/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r4---sn-oguesn6d.c.2mdn.net/videoplayback/id/ffb9dc06f5c3e529/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3801746010/sparams/acao,ctier,expire,id,ip,ipbits,ita...
870 KB
871 KB
Media
General
Full URL
https://r4---sn-oguesn6d.c.2mdn.net/videoplayback/id/ffb9dc06f5c3e529/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3801746010/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0FEFC7A7C99330B5C2EAFD0CD8C8823D1F1BD0A0.1EDB78283187ED3A4FDC2CA2AF9BAB2EFBDBFFE3/key/cms1/cms_redirect/yes/mh/1c/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguesn6d/ms/onc/mt/1660360114/mv/m/mvi/4/pl/48?cpn=P0IHTQnP6-C70rCF&file=file.mp4
Protocol
HTTP/1.1
Server
2404:6800:4004:2c::9 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
4b9284fc88f358987133e3263bbb67fd47055410081a6e70d838a0ef363084eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 03:22:01 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 08 Jul 2022 16:28:45 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-891195/891196
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
891196
Expires
Sat, 13 Aug 2022 03:22:01 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r4---sn-oguesn6d.c.2mdn.net/videoplayback/id/ffb9dc06f5c3e529/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3801746010/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0FEFC7A7C99330B5C2EAFD0CD8C8823D1F1BD0A0.1EDB78283187ED3A4FDC2CA2AF9BAB2EFBDBFFE3/key/cms1/cms_redirect/yes/mh/1c/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguesn6d/ms/onc/mt/1660360114/mv/m/mvi/4/pl/48?cpn=P0IHTQnP6-C70rCF&file=file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
673
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
e.clarity.ms/
0
48 B
XHR
General
Full URL
https://e.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.39/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
https://www.onmsft.com
date
Sat, 13 Aug 2022 03:22:01 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 8C2A
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.524.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 04:46:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Aug 2023 04:46:16 GMT
dot.gif
s0.2mdn.net/ Frame 8C2A
43 B
66 B
Image
General
Full URL
https://s0.2mdn.net/dot.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 22:04:21 GMT
x-content-type-options
nosniff
age
19060
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Aug 2022 22:04:21 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8C2A
42 B
66 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsveAQ0F0iomocEXid959_qZ2ss9u0MFgy4gcNAljniD98r4lcKpJo-TgGANAeHnpRZb1K5zTRol2pPyejtTOy86sF3-4v3hkLA&sig=Cg0ArKJSzBdBSLNg_ptLEAE&id=lidarv&acvw=sv%3D930%26cb%3Dima%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,254,452%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D121%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D993401895%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D619%26pngs%3D9,14,15%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1660360921348&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;av=1;acvw=sv%3D930%26cb%3Dima%26e%3D15...
ade.googlesyndication.com/ddm/activity/ Frame 8C2A
42 B
494 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;av=1;acvw=sv%3D930%26cb%3Dima%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,254,452%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D121%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D993401895%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D619%26pngs%3D9,14,15%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1660360921348;ecn1=0;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;av=1;acvw=sv%3D930%26cb%3Dima%26e%3D0%...
ade.googlesyndication.com/ddm/activity/ Frame 8C2A
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;av=1;acvw=sv%3D930%26cb%3Dima%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,254,452%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D121%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D993401895%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D621%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1660360921348;dc_rfl=2,https%253A%252F%252Fwww.onmsft.com%252F%240;ecn1=0;etm1=0;eid1=210001;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;av=1;acvw=sv%3D930%26cb%3Dima%26e%3D10...
ade.googlesyndication.com/ddm/activity/ Frame 8C2A
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;av=1;acvw=sv%3D930%26cb%3Dima%26e%3D10%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,254,452%26tos%3D11,0,0,0,0%26mtos%3D11,11,11,11,11%26amtos%3D0,0,0,0,0%26mcvt%3D11%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11%26pst%3D-1%26dur%3D6016%26vmtime%3D-1%26dvs%3D11%26dfvs%3D11%26dvpt%3D11%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D121%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D993401895%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D624%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,11;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1660360921348;ecn1=0;etm1=0;eid1=210006;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame E3B6
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fcdn.playwire.com%2F%2Fbolt4%2Fjs%2Fzeus%2Freleases%2F4.5.14%2Fframe%2F-&i=VERIZON_SSP_VIDEO1&ol=1314433452&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VC4NafZqZuc7FwBUS30oB3JRuQXyveKl6wFbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-nFmOVythgEwLgg%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=452&qe=254&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=8&g=0&h=254&w=452&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.onmsft.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.onmsft.com&lp=https%3A%2F%2Fwww.onmsft.com&t=1660360921040&de=597303311449&cu=1660360921040&m=738&ar=1da355aa18f-clean&iw=acdcd33&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=175&lg=1&lh=27&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A53%3A52&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=720&cd=0&ah=720&am=0&dq=103&dr=0&ds=103&dt=0&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&rf=0&re=1&cl=0&at=0&d=55023%3A13614%3A13614%3Ahttps_%2F%2Fwww.onmsft.com%2F&bo=354614&bd=1575335&gw=verizonmediasspvideo234910527399&zMoatOrigSlicer1=354614&zMoatOrigSlicer2=1575335&zMoatParams=tidi%3D770912229%26dcn%3D8a969574017b7be07f13e163c6300030%26posi%3D1575335%26uid%3Dy-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%257EA%26xdi%3DPz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.%26xoi%3DMHxKUE4.%26b%3DMTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.%26a%3D41e73af2-cc6b-4015-b992-d89d96f3a508%26rts%3D1660360917649&ab=3&fd=1&kt=sframe&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=199703&na=1514721946&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:22:01 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 03:22:01 GMT
ad-engine-flow.gif
trk.vidible.tv/trk/ Frame 21C0
0
66 B
Image
General
Full URL
https://trk.vidible.tv/trk/ad-engine-flow.gif?bcid=56bcd17ce4b018167fea5539&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.onmsft.com&s=true&sid=0536cf9d-89ad-4794-805c-b78387c7a119&vvuid=d6d6736e-3c91-4630-938e-ee87fa56677d&at=preroll&adIdx=1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=452&crt=VPAID%20application%2Fjavascript&stg=started&aid=533015161&al=6&ap=true&cpm=0&fo=0&h=254&m=true&ltc=462&p.vw.active=1&p.vw.sound=0&vwa=100&vwm=100&cb=0.5619793174719971
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.103.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-103-248.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
view
googleads4.g.doubleclick.net/pcs/ Frame 21C0
0
27 B
Image
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYle9ptxZ0ty-FDMYI6iTFldjBQ8y76NWmbLgtKN_nFGoGFYxbOeQEAXauvpdUeob-cuAA6pIJw7CdpjG6zHgrZUefBdOjZI4l7dgg0zR94B4k0_51rKmrvQlMr3dMUjnfB2cIB_XC-B38SEn6JHlZKtttqdTC9aU0-o8qRBW9TcbXR7RUturr_uBCInuEaLWQWrlnmzukVzeJtq3gehWH6KwqMhkxhGgcUSOGR6qH7rAIKGSokrI4h1ybKSgwAMZtS_XuY3cglwBBnmUPRhzi6qEYc-_zlShTeFWxpOSFFgOgs_btM13JsnRRRpOdHOffn96LGyxDO_bH0c7vsR6sIARSCFVZMfrmf_dzXv9WYjPrUpaKZYdSCml1XSLV1AeXD4gT_x8yIojo_mdzN88KnnDix3W7OCyqUuJPJHfDksJmlVKwLAfLkUAkBQXNPm13IR6UZIO5aUd2aeOfZMYmWdwk3_lA0mrOaghMAjKsEsrAIxv_y7sZFZ4i8DT0oP1WUObt_uQCGhCH-yIPVhUNaXOcts1PLCMUyz1_f2g7fx6oU2D_TUuW3DHClx-r2cGXUdzofCQeQGZZl_P3002o8GM21xMEuRKegkq8dsnsRCgqnUqGTdMRbHNU_VHu7FPa3ZCYY8eHgz-hy-r4qQU4aw5FBPNyTueGfyenAFaD8EwqJbO4oYOUrzr2zbXkw5_5Uvr1UuF99WWe8OQTeQtgiGRmtnZ7-6A4EbmfB3h0v6mIRJ6J0TZzmpcUuu2OzUKoABQ33iUnnmNJ-7XLvtfHMAQ76dwsB84nQZWTzS3F6MA4w9XJ0OPVFcU3niuqQFFlKGi5D_KA2k-N0Nul_tINr67yQIAB6DeO7bfcJN_PtiCccoukIL5bnR05xK6HkW0pnGR6g1n6a2a8OVLjOwNNQBXkr65S9RBEW5b7Q8HRSUW6aneR_dsjp2nF6LKnI5oa_ETlOcRNNMnE3tkf6xgSAVz2covnSBHxsE7EcIF-wZAAWdQ3CUpxJqdI3_JAO_lG9OXHXruggQVo-gBGnNzW9YptiCA491QsCpq5Ack3_yD0uoLfZePSZYVekZ_uO09UtZprIcIZRWAanykhwotsUCUdeYzcZqigxLxzqmPIZf1TqauQ2piklUvdFqp26n1SJ3Aipi8lu_KLAhgtBOUU9gMHG4HUPvbhNwRo&sai=AMfl-YRbYj-VzD56E4fZ9xeJa4F6bSKmK_4eGh_vse1EqvTaB2N5hH4lreTohfdaN9r36Ypg1pnbeA_V3u7JInf67ExB1H7tdMSaJJSwZUkv843LHhN5-L0P1OM5_3YlN1GA8_FTxP4UQrxyE5pPOz-z3Emc0GKQEHQ&sig=Cg0ArKJSzJaDJXnsAy4rEAE&uach_m=[UACH]&pr=2:0.070594&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 13 Aug 2022 03:22:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
cs.adingo.jp/sync/ Frame 21C0
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvIn8kCEOKvotkCGPe59M4BIAEwAQ&v=APEucNVRyx4sJjEXiEYJgVPApmmXjd6UkxVO9Hjf2Pkpu6_BgYF-KhzMkC2KC-p8k6EbBcCxcHmL_-Dqv6_oCQHi-5-Juf9gZrn-AVqHm6_PLoTvh0M...
  • https://cm.g.doubleclick.net/pixel?google_nid=adingo_dbm&google_cm&google_dbm&gdpr=0
  • https://cs.adingo.jp/sync/?from=dbm&id=CAESEJGYIzf0rcmxcS-R4-pI9zA&google_cver=1&gdpr=0
43 B
398 B
Image
General
Full URL
https://cs.adingo.jp/sync/?from=dbm&id=CAESEJGYIzf0rcmxcS-R4-pI9zA&google_cver=1&gdpr=0
Protocol
H2
Server
18.177.113.58 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-113-58.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
image/gif
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
expires
Wed, 17 Sep 1975 21:32:10 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.adingo.jp/sync/?from=dbm&id=CAESEJGYIzf0rcmxcS-R4-pI9zA&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adEvent.do
prod-m-node-2113.ssp.yahoo.com/admax/ Frame 21C0
43 B
175 B
Image
General
Full URL
https://prod-m-node-2113.ssp.yahoo.com/admax/adEvent.do?tidi=770912229&dcn=8a969574017b7be07f13e163c6300030&posi=1575335&grp=%3F%3F%3F&nl=1660360917720&rts=1660360917649&pix=1&et=1&a=41e73af2-cc6b-4015-b992-d89d96f3a508&m=aXAtMTAtMjItMTMyLTExOQ..&p=MC4wMDAwNzA1OTQ&b=MTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.&uid=y-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%7EA&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxKUE4.&hb=true&type=6&bkts=MzIjMTI1fDI1IzEwNQ..&af=2&dety=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.120.7 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-120-7.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
last-modified
Tue, 09 Aug 2022 12:13:58 GMT
server
nginx/1.20.1
accept-ranges
bytes
content-length
43
content-type
image/gif
dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;met=1;ecn1=1;etm1=0;eid1=11;
ade.googlesyndication.com/ddm/activity/ Frame 21C0
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;met=1;ecn1=1;etm1=0;eid1=11;?cb=6975370587036513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adEngEvent
prod-m-node-2113.ssp.yahoo.com/admax/ Frame 21C0
0
54 B
Image
General
Full URL
https://prod-m-node-2113.ssp.yahoo.com/admax/adEngEvent?tidi=770912229&dcn=8a969574017b7be07f13e163c6300030&posi=1575335&uid=y-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%7EA&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxKUE4.&b=MTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.&hb=true&type=6&a=41e73af2-cc6b-4015-b992-d89d96f3a508&rts=1660360917649&eet=1&cb=3618572214301976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.120.7 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-120-7.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:01 GMT
content-length
0
server
nginx/1.20.1
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 7AFA
42 B
64 B
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bl9Ly1xj3Yr7bCseQ29gPzs69sAjoo6qURgAAABABIIOk1EU4AVjqh8m_gwRgifPFhPQTsgEOd3d3Lm9ubXNmdC5jb226AQs2NDB4NDgwX3htbMgBBdoBF2h0dHBzOi8vd3d3Lm9ubXNmdC5jb20vmAIywAIC4AIA6gI-LzE1NDAxMzE1NS8xMDIzNzg4LzcxOTA4L3B1Ymxpc2hlcjoxMDIzNzg4LXdlYnNpdGU6NzE5MDgtdmlkZW_4AoLSHpAD7AmYA-ADqAMB4AQB0gUGEPHjpPUVkAYBoAYkqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDgBx_SCA8IgGEQARgdMgKKAjoCgEDYCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=7Be_RsD50xY&label=vast_creativeview&ad_mt=0&acvw=sv%3D930%26cb%3Dima%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,254,452%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D-2%26vmtime%3D-1%26is%3D0%26cs%3D0%26c%3D0%26mc%3D-1%26nc%3D-1%26mv%3D-1%26nv%3D-1%26lte%3D-2%26ces%26femt%3D467%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D10,0,0,0,0%26avms%3Dexc%26qi%3D392513414%26psm%3D0%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2924%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1660360919463&sdkv=h.3.524.0&vci=CkYIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4ODMxMTM5NjkyDDEzODM3NzU3NzQ1MEBZCmIIARIQcHJlYmlkLmFkbnhzLmNvbRoJWWFob28gU1NQIAIqATEyDzEzNjE0LTQzMzkyMTI3MToFMTM2MTRAflIiEAQlAADwQSgBOgd1bmtub3duQgd1bmtub3duSLoLUABgARgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 7AFA
42 B
64 B
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bl9Ly1xj3Yr7bCseQ29gPzs69sAjoo6qURgAAABABIIOk1EU4AVjqh8m_gwRgifPFhPQTsgEOd3d3Lm9ubXNmdC5jb226AQs2NDB4NDgwX3htbMgBBdoBF2h0dHBzOi8vd3d3Lm9ubXNmdC5jb20vmAIywAIC4AIA6gI-LzE1NDAxMzE1NS8xMDIzNzg4LzcxOTA4L3B1Ymxpc2hlcjoxMDIzNzg4LXdlYnNpdGU6NzE5MDgtdmlkZW_4AoLSHpAD7AmYA-ADqAMB4AQB0gUGEPHjpPUVkAYBoAYkqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDgBx_SCA8IgGEQARgdMgKKAjoCgEDYCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=7Be_RsD50xY&label=videoautoplayed&ad_mt=0&acvw=sv%3D930%26cb%3Dima%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,254,452%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D-2%26vmtime%3D-1%26is%3D0%26cs%3D0%26c%3D0%26mc%3D-1%26nc%3D-1%26mv%3D-1%26nv%3D-1%26lte%3D-2%26ces%26femt%3D467%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D10,0,0,0,0%26avms%3Dexc%26qi%3D392513414%26psm%3D0%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2924%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1660360919463&sdkv=h.3.524.0&vci=CkYIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4ODMxMTM5NjkyDDEzODM3NzU3NzQ1MEBZCmIIARIQcHJlYmlkLmFkbnhzLmNvbRoJWWFob28gU1NQIAIqATEyDzEzNjE0LTQzMzkyMTI3MToFMTM2MTRAflIiEAQlAADwQSgBOgd1bmtub3duQgd1bmtub3duSLoLUABgARgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7AFA
0
26 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnR7YUh5O69saXb1g6BI6YftlEa01Cy9KqnHwVrEQX6NGavC1_oN327lnHI0A_I2iCuF8rWfrD8Cr-g9-fwG-I8pnbeCSNbzQrM1NleGl1O1MXvAF0E3V6DrCTdYO4h-YXKbRMPd6ivwRQ4UkOUJNbER_neTimdifNYXPfKbj4RJlDOAQc8CRoldypW5LfNteBPSMgY1YVLoFq7TPNtZyM-i3smCEGFmrgfxtZ_ueU4u9F28t73mTtcZHVBQKkvlrIn5-WjyEqaHQBFkFYEwjZxp52V0gYBV9x0QB34kCznp3E_fQgMtGXw2Iffe9YjQ_TmIiQ1mPNQRptTragOx4n2heLTnimm5S24xVPMdWavlBwjJPNKi8xkw&sai=AMfl-YS18kjtuzz-2IWknQnDxLp_eUmMLIbabLhKC1I9i4mF8ez3-4tKOwn3J4OjkTeF5Y__7SQovTVFb1GCPmQ&sig=Cg0ArKJSzG6Bk3PURqduEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&sdkv=h.3.524.0&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:22:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 7AFA
42 B
66 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTBhFVabeLXc47y593Bqc35W7KJs11LKNjTuKhixKIaOUubAkagjMPZ05EF9agYiwY6BLYNnx8aJ0orXsolMj9_2BYcKCDdUHY6b6zvc1V4h7Uo57W&sig=Cg0ArKJSzEvag9_Bwu7rEAE&id=lidarv&acvw=sv%3D930%26cb%3Dima%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,254,452%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D-2%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D467%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D10,0,0,0,0%26avms%3Dexc%26qi%3D392513414%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D2931%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1660360919463&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 7AFA
42 B
64 B
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bl9Ly1xj3Yr7bCseQ29gPzs69sAjoo6qURgAAABABIIOk1EU4AVjqh8m_gwRgifPFhPQTsgEOd3d3Lm9ubXNmdC5jb226AQs2NDB4NDgwX3htbMgBBdoBF2h0dHBzOi8vd3d3Lm9ubXNmdC5jb20vmAIywAIC4AIA6gI-LzE1NDAxMzE1NS8xMDIzNzg4LzcxOTA4L3B1Ymxpc2hlcjoxMDIzNzg4LXdlYnNpdGU6NzE5MDgtdmlkZW_4AoLSHpAD7AmYA-ADqAMB4AQB0gUGEPHjpPUVkAYBoAYkqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDgBx_SCA8IgGEQARgdMgKKAjoCgEDYCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=7Be_RsD50xY&label=part2viewed&ad_mt=0&acvw=sv%3D930%26cb%3Dima%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,254,452%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D-2%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D467%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D10,0,0,0,0%26avms%3Dexc%26qi%3D392513414%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D2931%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1660360919463&sdkv=h.3.524.0&vci=CkYIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4ODMxMTM5NjkyDDEzODM3NzU3NzQ1MEBZCmIIARIQcHJlYmlkLmFkbnhzLmNvbRoJWWFob28gU1NQIAIqATEyDzEzNjE0LTQzMzkyMTI3MToFMTM2MTRAflIiEAQlAADwQSgBOgd1bmtub3duQgd1bmtub3duSLoLUABgARgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 0E37
23 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
254145
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 04:46:16 GMT
expires
Thu, 10 Aug 2023 04:46:16 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
px.moatads.com/ Frame E3B6
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=29&q=0&hp=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VERIZON_SSP_VIDEO1&ol=1314433452&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VC4NafZqZuc7FwBUS30oB3JRuQXyveKl6wFbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-nFmOVythgEwLgg%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=452&qe=254&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=8&g=1&h=254&w=452&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.onmsft.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.onmsft.com&lp=https%3A%2F%2Fwww.onmsft.com&t=1660360921040&de=597303311449&cu=1660360921040&m=740&ar=1da355aa18f-clean&iw=acdcd33&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=175&lg=1&lh=27&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A53%3A52&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=720&cd=720&ah=720&am=720&dq=103&dr=103&ds=103&dt=103&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=55023%3A13614%3A13614%3Ahttps_%2F%2Fwww.onmsft.com%2F&bo=354614&bd=1575335&gw=verizonmediasspvideo234910527399&zMoatOrigSlicer1=354614&zMoatOrigSlicer2=1575335&zMoatParams=tidi%3D770912229%26dcn%3D8a969574017b7be07f13e163c6300030%26posi%3D1575335%26uid%3Dy-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%257EA%26xdi%3DPz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.%26xoi%3DMHxKUE4.%26b%3DMTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.%26a%3D41e73af2-cc6b-4015-b992-d89d96f3a508%26rts%3D1660360917649&ab=3&fd=1&kt=sframe&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=199703&na=1944240372&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:22:01 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 03:22:01 GMT
dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
pagead2.googlesyndication.com/bg/ Frame 0E37
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:03:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
328741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14301
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 08:03:00 GMT
pixel.gif
px.moatads.com/ Frame E3B6
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VERIZON_SSP_VIDEO1&ol=1314433452&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VC4NafZqZuc7FwBUS30oB3JRuQXyveKl6wFbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-nFmOVythgEwLgg%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=452&qe=254&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=8&g=2&h=254&w=452&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.onmsft.com%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.onmsft.com&lp=https%3A%2F%2Fwww.onmsft.com&t=1660360921040&de=597303311449&cu=1660360921040&m=844&ar=1da355aa18f-clean&iw=acdcd33&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=175&lg=1&lh=27&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A53%3A52&aa=0&ad=58&cn=0&gk=58&gl=0&ez=1&cq=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=720&cd=720&ah=720&am=720&dq=103&dr=103&ds=103&dt=103&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=55023%3A13614%3A13614%3Ahttps_%2F%2Fwww.onmsft.com%2F&bo=354614&bd=1575335&gw=verizonmediasspvideo234910527399&zMoatOrigSlicer1=354614&zMoatOrigSlicer2=1575335&zMoatParams=tidi%3D770912229%26dcn%3D8a969574017b7be07f13e163c6300030%26posi%3D1575335%26uid%3Dy-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%257EA%26xdi%3DPz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.%26xoi%3DMHxKUE4.%26b%3DMTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.%26a%3D41e73af2-cc6b-4015-b992-d89d96f3a508%26rts%3D1660360917649&ab=3&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=199703&na=1476113510&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:22:01 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 03:22:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E37
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.524.0&bgai=BKQYT2Bj3Yo_VK4OIpt8P0d2GoAwAAAAAOAHgBAI&bg=!9Pel97PNAAa4hXTbmIU7ACkAdvg8WpTF39AhZmELELq4fyxn50kTnjAOUyB-AJxwXNYNk6iKf-MnXgIAAABQUgAAAAJoAQeZAxwi3PXEq7A_-BF1lqgVH-ih362j0Gvu1KslfUuE5ki6fBDOZrClZlWxhqrIlKnDkxPAXO4-UngoXa0JbryqEK8swa9e-Si04VJ51-NXsMnKorFGg6qVXFYMH5VG_5VxWHRmaB5A6hK_FAfo0oNYWVTp4iJCdey9nl9Bp_h4w0EaT5Npxvi80kZzW3mdpOh7EP83Q2bEZByMkj2akg262uNZvexvDB_IwrCXdpyIWcCPXe_uCbFxGX8SdXdLgZ0QdIO_mkVtQppCe5Xql1NVgYy1cnCiJ_AbZQWRhfc4BG_b1F2B6Su6PqZS8sIrq6s2oREA_NEXjDQ2sjaGCAID1B8YWAqRAScG0erWggFYu8gG3eTsbEAtPQet-6o8uS_Zwj29DoOo34VhP0fnK2YX51s8BofVT0vu2cta38he_lMGnDGqozOvWY8yLDEiW3GBfHphYWYFxWRGjpDUrX_G9arwB2RFEMGaV4For_39AU7dX2SnP7h4G4Av_DewBAFadIzHRuHYblWVwjZkU14sim-FHpMqYN522MgU9IISBTveb01Zr8g-6VJQvB0ObZ1XXH14pqcgeNKU1KNPNE1DlXicGxGkrBkN_T4L83t3ML2lowfDeU3vHsEnmJn8HoXg7FxPyycnRgi2t6jRxnUaS9digLpVA5EubSImU0LqYXRZOBw7SKmC6N1f1eEacM7a1pypObQayc6oYQxbOMiapd13BCsfRZeEQun9GXkbt96mIr6ZUw6WSRaTUwymrH6rQ3olP_UGwmyUSUE6Ji-XR_81q1BC0WBCkmODTqb8Sk9VXAWwOs6XtVR5DjolHzNYP_cU6wvxC3TFRqYbGr5oGLYzbK_NbkDlpNgzAEusvApZgbSEs7dfA4joYkVm_yOxJC8Pk0A8D_1swHckyEG8aA0bNwXD4XpEllcCPf_HJn9sYPAkwVknRDOeRIXUI-KCpLg_zMrmaAayUPCyjhHvg-S6lvFV1MEz_2m6jRVVFrYW4gGY3WzEdCKX3EkVgJGzVt6clpi8DybMuk4mVuG_ufhXAIEqWSHFXr7SWUhl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
hde.tynt.com/deb/ Frame EC6B
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
2 KB
4 KB
Document
General
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
fbeeacd53a85306c5edd6fbb37c9c5534475423e0660b3c10cc14d54ffa3d8c1

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2554
content-type
text/html
date
Sat, 13 Aug 2022 03:22:02 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Sat, 13 Aug 2022 03:22:02 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
/
kinesis.us-east-1.amazonaws.com/
257 B
693 B
XHR
General
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-206.compute-1.amazonaws.com
Software
/
Resource Hash
2f54924cb2c121e1d89eb1a42ef194b75aaf6b732dbc1e0e95b2f77e7909942b

Request headers

accept-language
jp-JP,jp;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIA44GIABD57PYVUX6G/20220813/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=f0648e609f483370b88a27ce118917082f06022a8e9d528e117b397d3e55b817
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
99e0484562fc73cfd36696c99903877953f695197b765f4d105b1f189fd76571
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Referer
https://www.onmsft.com/
X-Amz-Target
Kinesis_20131202.PutRecords
X-Amz-Date
20220813T032202Z
X-Amz-User-Agent
aws-sdk-js/2.387.0 callback

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
x-amzn-RequestId
ed8986a5-aa5a-d32a-b6f8-9dbfe798d9e8
Date
Sat, 13 Aug 2022 03:22:02 GMT
Content-Length
257
x-amz-id-2
elo8LN7kiq8A4gZPZkX8qdE6hiIlPEfYWjd2WeNAESUVkQSgqm2JFoq6NdLuY/19K8BNYcZZGzBHLKUgbejkAqo5mzWJ81Be
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame
0
0
Preflight
General
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-206.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://www.onmsft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 13 Aug 2022 03:22:02 GMT
x-amzn-RequestId
fabede4c-431a-8304-a1cf-c5560ed889c6
csi
csi.gstatic.com/ Frame 8C2A
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l6rc0u7w&c=1625187436481&slotId=812593718240.5&fb=ima_html5-lima&sdkv=h.3.524.0%2Fvpaid_adapter&mrd=4&aab=1&itv=1&gpm_i=12&gpm_c=12&gpm_a=11&smb=1000&br=983&mt=video%2Fmp4&vs=640x360&webm=0&vp9=0&vamt=application%2Fx-mpegurl%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&met.4=ff.l6rc0ujh
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.524.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4007:809::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame E3B6
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VERIZON_SSP_VIDEO1&ol=1314433452&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VC4NafZqZuc7FwBUS30oB3JRuQXyveKl6wFbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-nFmOVythgEwLgg%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=452&qe=254&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=3&h=254&w=452&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.onmsft.com%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.onmsft.com&lp=https%3A%2F%2Fwww.onmsft.com&t=1660360921040&de=597303311449&cu=1660360921040&m=1857&ar=1da355aa18f-clean&iw=acdcd33&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=175&lg=1&lh=27&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A5101%3A5189%3A53%3A52&aa=1&ad=1071&cn=58&gn=1&gk=1071&gl=58&ez=1&cp=1648&cq=1&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1648&cd=720&ah=1648&am=720&dq=1031&dr=103&ds=1031&dt=103&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=0&vt=29&vd=0&zMoatSRE=0.05979583333333333&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=55023%3A13614%3A13614%3Ahttps_%2F%2Fwww.onmsft.com%2F&bo=354614&bd=1575335&gw=verizonmediasspvideo234910527399&zMoatOrigSlicer1=354614&zMoatOrigSlicer2=1575335&zMoatParams=tidi%3D770912229%26dcn%3D8a969574017b7be07f13e163c6300030%26posi%3D1575335%26uid%3Dy-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%257EA%26xdi%3DPz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.%26xoi%3DMHxKUE4.%26b%3DMTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.%26a%3D41e73af2-cc6b-4015-b992-d89d96f3a508%26rts%3D1660360917649&ab=3&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=199703&na=1317700817&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:22:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 03:22:02 GMT
pixel.gif
px.moatads.com/ Frame E3B6
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VERIZON_SSP_VIDEO1&ol=1314433452&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VC4NafZqZuc7FwBUS30oB3JRuQXyveKl6wFbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-nFmOVythgEwLgg%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=452&qe=254&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=4&h=254&w=452&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.onmsft.com%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.onmsft.com&lp=https%3A%2F%2Fwww.onmsft.com&t=1660360921040&de=597303311449&cu=1660360921040&m=1860&ar=1da355aa18f-clean&iw=acdcd33&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=175&lg=1&lh=27&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A5101%3A5189%3A53%3A52&aa=1&ad=1071&cn=1071&gn=1&gk=1071&gl=1071&ez=1&cp=1648&cq=1&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1648&cd=1648&ah=1648&am=1648&dq=1031&dr=1031&ds=1031&dt=1031&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=29&vt=29&vd=0&zMoatSRE=0.05979583333333333&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=55023%3A13614%3A13614%3Ahttps_%2F%2Fwww.onmsft.com%2F&bo=354614&bd=1575335&gw=verizonmediasspvideo234910527399&zMoatOrigSlicer1=354614&zMoatOrigSlicer2=1575335&zMoatParams=tidi%3D770912229%26dcn%3D8a969574017b7be07f13e163c6300030%26posi%3D1575335%26uid%3Dy-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%257EA%26xdi%3DPz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.%26xoi%3DMHxKUE4.%26b%3DMTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.%26a%3D41e73af2-cc6b-4015-b992-d89d96f3a508%26rts%3D1660360917649&ab=3&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=199703&na=939467297&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:22:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 03:22:02 GMT
usync.html
eus.rubiconproject.com/ Frame 04B5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Aug 2022 03:22:03 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 13 Aug 2022 03:22:03 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 04B5
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f20b44f4c11af710237c278ab58ad01bfe9dfc72f62131392dc7c391a9d35a64

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 03:22:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70530
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9452
Expires
Sat, 13 Aug 2022 22:57:33 GMT
usync.html
eus.rubiconproject.com/ Frame 5172
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Aug 2022 03:22:03 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 13 Aug 2022 03:22:03 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
cm
us-u.openx.net/w/1.0/ Frame F2D0
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1660360922993.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D...
1 KB
637 B
Document
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
39a9f40f1fe02584f3d23c2f62bc3f9661c2d09850319457ee20a93e52fd33a7

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
618
content-type
text/html
date
Sat, 13 Aug 2022 03:22:03 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Sat, 13 Aug 2022 03:22:02 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP003
x-33x-status
40000000008200000A
setuid
u.4dex.io/ Frame EC6B
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1660360922993.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://u.4dex.io/setuid?bidder=33across&uid=117870380020475
0
15 B
Image
General
Full URL
https://u.4dex.io/setuid?bidder=33across&uid=117870380020475
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:03 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:02 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://u.4dex.io/setuid?bidder=33across&uid=117870380020475
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame EC6B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dthe33...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=6d5b18776b554e40a505a57c32996d0c&ssp=the33across&bsw_param=f5902f6c-8f9b-44bb-af11-1df39412e0e6&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=f5902f6c-8f9b-44bb-af11-1df39412e0e6
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=f5902f6c-8f9b-44bb-af11-1df39412e0e6&ts=1660360923&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=f5902f6c-8f9b-44bb-af11-1df39412e0e6&ts=1660360923&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:03 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:03 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=f5902f6c-8f9b-44bb-af11-1df39412e0e6&ts=1660360923&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame EC6B
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1660360922993.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=c02b62f7-18d8-4b00-b88a-52a4b056996c
68 B
225 B
Image
General
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=c02b62f7-18d8-4b00-b88a-52a4b056996c
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:03 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Sat, 13 Aug 2022 03:22:03 GMT
Server
MT3 4475 c1dc35a master hkg-pixel-x4 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=c02b62f7-18d8-4b00-b88a-52a4b056996c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 13 Aug 2022 03:22:02 GMT
match
events-ssc.33across.com/ Frame EC6B
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1660360922993.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=4764734661110149725
68 B
126 B
Image
General
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=4764734661110149725
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:03 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:03 GMT
X-Proxy-Origin
217.138.252.170; 217.138.252.170; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f35bee22-4f77-47d7-bc0f-46cd911a566d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=4764734661110149725
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
p.adsymptotic.com/d/px/ Frame EC6B
Redirect Chain
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=O6sNR2L3GNo%2Bsn6KPu%2F7fA%3D%3D&us_privacy=&_rand=1660360922993.7
  • https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_puuid=O6sNR2L3GNo%2Bsn6KPu%2F7fA%3D%3D&_pu
  • https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_puuid=O6sNR2L3GNo%2Bsn6KPu%2F7fA%3D%3D&_pu&_expected_cookie=01e45ee99c42686f2e2ee8258675d878
43 B
142 B
Image
General
Full URL
https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_puuid=O6sNR2L3GNo%2Bsn6KPu%2F7fA%3D%3D&_pu&_expected_cookie=01e45ee99c42686f2e2ee8258675d878
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
739e52fb0d3d80b7-NRT
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_puuid=O6sNR2L3GNo%2Bsn6KPu%2F7fA%3D%3D&_pu&_expected_cookie=01e45ee99c42686f2e2ee8258675d878
date
Sat, 13 Aug 2022 03:22:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
739e52fa7c7f80b7-NRT
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
map.go.affec.tv/map/ttd/ Frame EC6B
Redirect Chain
  • https://map.go.affec.tv/map/3a/?pid=O6sNR2L3GNo%2Bsn6KPu%2F7fA%3D%3D&us_privacy=&ts=1660360922993.8
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D62f718db0cba3f000143c900%26chc%3Dtt%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D
  • https://map.go.affec.tv/map/an/4764734661110149725?ch=62f718db0cba3f000143c900&chc=tt&gdpr=&gdpr_consent=&redirect_url=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&ch=62f718db0cba3f000143c900&chc=tt%7Can&gdpr=&gdpr_consent=&redirect_url=
  • https://map.go.affec.tv/map/ttd/1d21bf0c-4a0d-434d-a5b7-0628b31a7df1?ttd_puid=&gdpr=0&gdpr_consent=
0
564 B
Image
General
Full URL
https://map.go.affec.tv/map/ttd/1d21bf0c-4a0d-434d-a5b7-0628b31a7df1?ttd_puid=&gdpr=0&gdpr_consent=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
3.1.1.164 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-1-164.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:03 GMT
content-encoding
gzip
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://map.go.affec.tv/map/ttd/1d21bf0c-4a0d-434d-a5b7-0628b31a7df1?ttd_puid=&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
229
receive
pixel.tapad.com/idsync/ex/ Frame EC6B
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=O6sNR2L3GNo%2Bsn6KPu%2F7fA%3D%3D&us_privacy=&random=1660360922993.9&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2F...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=O6sNR2L3GNo%2Bsn6KPu%2F7fA%3D%3D&us_privacy=&random=1660360922993.9&redirect=https%3A%2F%2Fthinkcxad.azurewebsites....
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=b6666516-47ac-4666-a42b-44896fe45ab8&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=b6666516-47ac-4666-a42b-44896fe45ab8&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=18364271378211970333985419335626303420&pt=b6666516-47ac-4666-a42b-44896fe45ab8%2C
95 B
113 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=18364271378211970333985419335626303420&pt=b6666516-47ac-4666-a42b-44896fe45ab8%2C
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
193.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:03 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

DCS
dcs-prod-tyo3-1-v036-018905559.edge-tyo3.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
CRQKPR/TQWY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=18364271378211970333985419335626303420&pt=b6666516-47ac-4666-a42b-44896fe45ab8%2C
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
mapuid
secure.adnxs.com/ Frame EC6B
Redirect Chain
  • https://dp1.33across.com/ps/?pid=669&uid=O6sNR2L3GNo%2Bsn6KPu%2F7fA%3D%3D&us_privacy=&random=1660360922993.10
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=117870380020475&seg_code=33x&random=1660360923
43 B
965 B
Image
General
Full URL
https://secure.adnxs.com/mapuid?t=2&member=1001&user=117870380020475&seg_code=33x&random=1660360923
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:03 GMT
X-Proxy-Origin
217.138.252.170; 217.138.252.170; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1215228e-d58b-4cf8-82e8-1cf79a4e84df
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:03 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
402044000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://secure.adnxs.com/mapuid?t=2&member=1001&user=117870380020475&seg_code=33x&random=1660360923
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
setuid
u.4dex.io/ Frame 04B5
Redirect Chain
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=L6RC0R9W-4-M8UN
  • https://u.4dex.io/setuid?bidder=rubicon&uid=L6RC0R9W-4-M8UN
0
15 B
Image
General
Full URL
https://u.4dex.io/setuid?bidder=rubicon&uid=L6RC0R9W-4-M8UN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:03 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://u.4dex.io/setuid?bidder=rubicon&uid=L6RC0R9W-4-M8UN
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
usync.js
eus.rubiconproject.com/ Frame 5172
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f20b44f4c11af710237c278ab58ad01bfe9dfc72f62131392dc7c391a9d35a64

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 03:22:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70530
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9452
Expires
Sat, 13 Aug 2022 22:57:33 GMT
match
events-ssc.33across.com/ Frame 5172
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L6RC0R9W-4-M8UN
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L6RC0R9W-4-M8UN
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L6RC0R9W-4-M8UN&ts=1660360923&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L6RC0R9W-4-M8UN&ts=1660360923&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:04 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:03 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L6RC0R9W-4-M8UN&ts=1660360923&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame F2D0
68 B
126 B
Image
General
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=70&external_user_id=46b7333d-6f5a-4720-9b5e-616c0d5539eb
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:03 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
sd
us-u.openx.net/w/1.0/ Frame F2D0
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=6e3bedabba1a20b7&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALn2vcDoznwAMgsHrRAAAAAAA&expiration=1660447323&nuid={OX_USER_ID}&is_secure=true
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALn2vcDoznwAMgsHrRAAAAAAA&expiration=1660447323&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:03 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALn2vcDoznwAMgsHrRAAAAAAA&expiration=1660447323&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ups.analytics.yahoo.com/ups/58294/ Frame F2D0
0
331 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&gdpr=0&uid=1e18bcda-69bb-4d86-a44e-afb690a25fdd
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.178.22.21 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-178-22-21.ap-northeast-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:03 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sd
us-u.openx.net/w/1.0/ Frame F2D0
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=5B4E008793F54505B5A6F2E58C09A7F8
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=5B4E008793F54505B5A6F2E58C09A7F8
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 13 Aug 2022 03:22:03 GMT
x-content-type-options
nosniff
server
nginx
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=5B4E008793F54505B5A6F2E58C09A7F8
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Fri, 12 Aug 2022 03:22:03 GMT
redirect
match.rundsp.com/ Frame F2D0
0
41 B
Image
General
Full URL
https://match.rundsp.com/redirect?ex=openx
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:c411:12::1050 Amsterdam, Netherlands, ASN399104 (CNVR-APAC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:03 GMT
server
nginx
19cb1bfc173dcb98ccec
s.amazon-adsystem.com/x/ Frame F2D0
0
0
Image
General
Full URL
https://s.amazon-adsystem.com/x/19cb1bfc173dcb98ccec
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

sd
us-u.openx.net/w/1.0/ Frame F2D0
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=46mtB6UV1OmHIQ5
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=46mtB6UV1OmHIQ5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:02 GMT
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-0d0566d062fd4ea5d@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=46mtB6UV1OmHIQ5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F2D0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YvcY2AAGB6JGTAAK
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YvcY2AAGB6JGTAAK
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1660360923.314938,VS0,VE0
x-served-by
cache-tyo11958-TYO
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YvcY2AAGB6JGTAAK
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
openx
tr.blismedia.com/v1/api/sync/ Frame F2D0
0
173 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
jp-u.openx.net/w/1.0/ Frame F2D0
Redirect Chain
  • https://bk.r-ad.ne.jp/3/cs
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=4zx3M300YBDGa007uoNM
43 B
61 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537097918&val=4zx3M300YBDGa007uoNM
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Sat, 13 Aug 2022 03:22:03 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//jp-u.openx.net/w/1.0/sd?id=537097918&val=4zx3M300YBDGa007uoNM
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pxd
dps.jp.cinarra.com/ Frame F2D0
95 B
220 B
Image
General
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=1&USER_ID=566ea253-af04-8d83-fd61-dce8949d144a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.168.116 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-168-116.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 03:22:03 GMT
Connection
keep-alive
Content-Length
95
Content-Type
image/png
dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;av=1;acvw=sv%3D930%26cb%3Dima%26e%3D1%...
ade.googlesyndication.com/ddm/activity/ Frame 8C2A
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;av=1;acvw=sv%3D930%26cb%3Dima%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,254,452%26tos%3D1591,0,0,0,0%26mtos%3D1591,1591,1591,1591,1591%26amtos%3D0,0,0,0,0%26mcvt%3D1591%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1591%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D413%26pst%3D413%26dur%3D6016%26vmtime%3D1546%26dvs%3D1580%26dfvs%3D1580%26dvpt%3D1580%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1591,1591,1591,1591,1591%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D121%26femvt%3D0%26emc%3D11%26emuc%3D0%26emb%3D9,0,0,0,0%26avms%3Dexc%26qi%3D993401895%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D2206%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,1591;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1660360921348;ecn1=0;etm1=0;eid1=210002;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;met=1;ecn1=1;etm1=0;eid1=960584;
ade.googlesyndication.com/ddm/activity/ Frame 21C0
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;met=1;ecn1=1;etm1=0;eid1=960584;?cb=8132474711236335
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adEngEvent
prod-m-node-2113.ssp.yahoo.com/admax/ Frame 21C0
0
54 B
Image
General
Full URL
https://prod-m-node-2113.ssp.yahoo.com/admax/adEngEvent?tidi=770912229&dcn=8a969574017b7be07f13e163c6300030&posi=1575335&uid=y-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%7EA&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxKUE4.&b=MTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.&hb=true&type=6&a=41e73af2-cc6b-4015-b992-d89d96f3a508&rts=1660360917649&eet=2&cb=7473113778357474
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.120.7 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-120-7.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:03 GMT
content-length
0
server
nginx/1.20.1
ad-engine-flow.gif
trk.vidible.tv/trk/ Frame 21C0
0
66 B
Image
General
Full URL
https://trk.vidible.tv/trk/ad-engine-flow.gif?bcid=56bcd17ce4b018167fea5539&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.onmsft.com&s=true&sid=0536cf9d-89ad-4794-805c-b78387c7a119&vvuid=d6d6736e-3c91-4630-938e-ee87fa56677d&at=preroll&adIdx=1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=452&crt=VPAID%20application%2Fjavascript&stg=q1&aid=533015161&al=6&ap=true&cpm=0&fo=0&h=254&m=true&p.vw.active=1&p.vw.sound=0&vwa=100&vwm=100&cb=0.40636301388519414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.103.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-103-248.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:03 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
pixel.gif
px.moatads.com/ Frame E3B6
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=29&q=1&hp=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VERIZON_SSP_VIDEO1&ol=1314433452&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VC4NafZqZuc7FwBUS30oB3JRuQXyveKl6wFbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-nFmOVythgEwLgg%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=452&qe=254&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=5&h=254&w=452&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.onmsft.com%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.onmsft.com&lp=https%3A%2F%2Fwww.onmsft.com&t=1660360921040&de=597303311449&cu=1660360921040&m=2316&ar=1da355aa18f-clean&iw=acdcd33&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=175&lg=1&lh=27&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A5101%3A5189%3A53%3A52&aa=1&ad=1485&cn=1071&gn=1&gk=1485&gl=1071&ez=1&cp=1648&cq=1&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2263&cd=1648&ah=2263&am=1648&dq=1646&dr=1031&ds=1646&dt=1031&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=29&vt=100&vd=0&zMoatSRE=0.05979583333333333&zMoatVSD=6.172&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&eg=1&rf=0&re=1&cl=0&at=0&d=55023%3A13614%3A13614%3Ahttps_%2F%2Fwww.onmsft.com%2F&bo=354614&bd=1575335&gw=verizonmediasspvideo234910527399&zMoatOrigSlicer1=354614&zMoatOrigSlicer2=1575335&zMoatParams=tidi%3D770912229%26dcn%3D8a969574017b7be07f13e163c6300030%26posi%3D1575335%26uid%3Dy-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%257EA%26xdi%3DPz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.%26xoi%3DMHxKUE4.%26b%3DMTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.%26a%3D41e73af2-cc6b-4015-b992-d89d96f3a508%26rts%3D1660360917649&ab=3&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=199703&na=1972047860&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:22:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 03:22:03 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 7AFA
42 B
64 B
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bl9Ly1xj3Yr7bCseQ29gPzs69sAjoo6qURgAAABABIIOk1EU4AVjqh8m_gwRgifPFhPQTsgEOd3d3Lm9ubXNmdC5jb226AQs2NDB4NDgwX3htbMgBBdoBF2h0dHBzOi8vd3d3Lm9ubXNmdC5jb20vmAIywAIC4AIA6gI-LzE1NDAxMzE1NS8xMDIzNzg4LzcxOTA4L3B1Ymxpc2hlcjoxMDIzNzg4LXdlYnNpdGU6NzE5MDgtdmlkZW_4AoLSHpAD7AmYA-ADqAMB4AQB0gUGEPHjpPUVkAYBoAYkqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDgBx_SCA8IgGEQARgdMgKKAjoCgEDYCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=7Be_RsD50xY&label=videoplaytime25&ad_mt=1545&acvw=sv%3D930%26cb%3Dima%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,254,452%26tos%3D1556,0,0,0,0%26mtos%3D1556,1556,1556,1556,1556%26amtos%3D0,0,0,0,0%26mcvt%3D1556%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1556%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1556%26pst%3D-1%26vpaid%26dur%3D-2%26vmtime%3D-1%26dvs%3D1556%26dfvs%3D1556%26dvpt%3D1556%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1556,1556,1556,1556,1556%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D467%26femvt%3D0%26emc%3D19%26emuc%3D0%26emb%3D17,0,0,0,0%26avms%3Dexc%26qi%3D392513414%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D4487%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1556&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1660360919463&sdkv=h.3.524.0&vci=CkYIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4ODMxMTM5NjkyDDEzODM3NzU3NzQ1MEBZCmIIARIQcHJlYmlkLmFkbnhzLmNvbRoJWWFob28gU1NQIAIqATEyDzEzNjE0LTQzMzkyMTI3MToFMTM2MTRAflIiEAQlAADwQSgBOgd1bmtub3duQgd1bmtub3duSLoLUABgARgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
e.clarity.ms/
0
48 B
XHR
General
Full URL
https://e.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.39/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
https://www.onmsft.com
date
Sat, 13 Aug 2022 03:22:03 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
pixel.gif
px.moatads.com/ Frame E3B6
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VERIZON_SSP_VIDEO1&ol=1314433452&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VC4NafZqZuc7FwBUS30oB3JRuQXyveKl6wFbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-nFmOVythgEwLgg%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=452&qe=254&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=6&h=254&w=452&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.onmsft.com%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.onmsft.com&lp=https%3A%2F%2Fwww.onmsft.com&t=1660360921040&de=597303311449&cu=1660360921040&m=2873&ar=1da355aa18f-clean&iw=acdcd33&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=175&lg=1&lh=27&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A5101%3A5189%3A53%3A52&aa=1&ad=2088&cn=1485&gn=1&gk=2088&gl=1485&ez=1&co=2088&cp=1648&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2665&cd=2263&ah=2665&am=2263&dq=2048&dr=1646&ds=2048&dt=1646&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=100&vt=141&vd=0&zMoatSRE=0.05979583333333333&zMoatVSD=6.172&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&eg=1&rf=0&re=1&cl=0&at=0&d=55023%3A13614%3A13614%3Ahttps_%2F%2Fwww.onmsft.com%2F&bo=354614&bd=1575335&gw=verizonmediasspvideo234910527399&zMoatOrigSlicer1=354614&zMoatOrigSlicer2=1575335&zMoatParams=tidi%3D770912229%26dcn%3D8a969574017b7be07f13e163c6300030%26posi%3D1575335%26uid%3Dy-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%257EA%26xdi%3DPz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.%26xoi%3DMHxKUE4.%26b%3DMTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.%26a%3D41e73af2-cc6b-4015-b992-d89d96f3a508%26rts%3D1660360917649&ab=3&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=199703&na=53462821&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:22:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 03:22:03 GMT
pixel.gif
px.moatads.com/ Frame E3B6
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VERIZON_SSP_VIDEO1&ol=1314433452&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VC4NafZqZuc7FwBUS30oB3JRuQXyveKl6wFbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-nFmOVythgEwLgg%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=452&qe=254&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=7&h=254&w=452&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.onmsft.com%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.onmsft.com&lp=https%3A%2F%2Fwww.onmsft.com&t=1660360921040&de=597303311449&cu=1660360921040&m=2874&ar=1da355aa18f-clean&iw=acdcd33&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=175&lg=1&lh=27&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A5101%3A5189%3A53%3A52&aa=1&ad=2088&cn=2088&gn=1&gk=2088&gl=2088&ez=1&co=2088&cp=1648&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2665&cd=2665&ah=2665&am=2665&dq=2048&dr=2048&ds=2048&dt=2048&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=141&vt=141&vd=0&zMoatSRE=0.05979583333333333&zMoatVSD=6.172&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&eg=1&rf=0&re=1&cl=0&at=0&d=55023%3A13614%3A13614%3Ahttps_%2F%2Fwww.onmsft.com%2F&bo=354614&bd=1575335&gw=verizonmediasspvideo234910527399&zMoatOrigSlicer1=354614&zMoatOrigSlicer2=1575335&zMoatParams=tidi%3D770912229%26dcn%3D8a969574017b7be07f13e163c6300030%26posi%3D1575335%26uid%3Dy-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%257EA%26xdi%3DPz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.%26xoi%3DMHxKUE4.%26b%3DMTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.%26a%3D41e73af2-cc6b-4015-b992-d89d96f3a508%26rts%3D1660360917649&ab=3&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=199703&na=849493664&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:22:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 03:22:03 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8C2A
42 B
67 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsveAQ0F0iomocEXid959_qZ2ss9u0MFgy4gcNAljniD98r4lcKpJo-TgGANAeHnpRZb1K5zTRol2pPyejtTOy86sF3-4v3hkLA&sig=Cg0ArKJSzBdBSLNg_ptLEAE&id=lidarv&acvw=sv%3D930%26cb%3Dima%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,254,452%26tos%3D2194,0,0,0,0%26mtos%3D2194,2194,2194,2194,2194%26amtos%3D0,0,0,0,0%26mcvt%3D2194%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2194%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D614%26pst%3D413%26dur%3D6016%26vmtime%3D2082%26dtos%3D2194%26dtoss%3D1%26dvs%3D603%26dfvs%3D603%26dvpt%3D603%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D121%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D993401895%26psm%3D-2147483641%26psv%3D-2147483641%26psfv%3D-2147483641%26psa%3D0%26ptlt%3D2808%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,2194&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1660360921348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;av=1;acvw=sv%3D930%26cb%3Dima%26e%3D9%...
ade.googlesyndication.com/ddm/activity/ Frame 8C2A
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;av=1;acvw=sv%3D930%26cb%3Dima%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,254,452%26tos%3D2194,0,0,0,0%26mtos%3D2194,2194,2194,2194,2194%26amtos%3D0,0,0,0,0%26mcvt%3D2194%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2194%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D614%26pst%3D413%26dur%3D6016%26vmtime%3D2082%26dtos%3D2194%26dtoss%3D1%26dvs%3D603%26dfvs%3D603%26dvpt%3D603%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D121%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D993401895%26psm%3D-2147483641%26psv%3D-2147483641%26psfv%3D-2147483641%26psa%3D0%26ptlt%3D2808%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,2194;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1660360921348;ecn1=0;etm1=0;eid1=200000;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7AFA
42 B
67 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTBhFVabeLXc47y593Bqc35W7KJs11LKNjTuKhixKIaOUubAkagjMPZ05EF9agYiwY6BLYNnx8aJ0orXsolMj9_2BYcKCDdUHY6b6zvc1V4h7Uo57W&sig=Cg0ArKJSzEvag9_Bwu7rEAE&id=lidarv&acvw=sv%3D930%26cb%3Dima%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,254,452%26tos%3D2160,0,0,0,0%26mtos%3D2160,2160,2160,2160,2160%26amtos%3D0,0,0,0,0%26mcvt%3D2160%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2160%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2160%26pst%3D-1%26vpaid%26dur%3D-2%26vmtime%3D-1%26dtos%3D2160%26dtoss%3D1%26dvs%3D604%26dfvs%3D604%26dvpt%3D604%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D16777217%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D467%26femvt%3D0%26emc%3D22%26emuc%3D0%26emb%3D20,0,0,0,0%26avms%3Dexc%26qi%3D392513414%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D5091%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2160&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1660360919463
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=c8461c9a-9d8c-4442-b5f7-9da8e522489f
0
15 B
Image
General
Full URL
https://u.4dex.io/setuid?bidder=improvedigital&uid=c8461c9a-9d8c-4442-b5f7-9da8e522489f
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:04 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https://u.4dex.io/setuid?bidder=improvedigital&uid=c8461c9a-9d8c-4442-b5f7-9da8e522489f
date
Sat, 13 Aug 2022 03:22:04 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;av=1;acvw=sv%3D930%26cb%3Dima%26e%3D2%...
ade.googlesyndication.com/ddm/activity/ Frame 8C2A
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;av=1;acvw=sv%3D930%26cb%3Dima%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,254,452%26tos%3D3183,0,0,0,0%26mtos%3D3183,3183,3183,3183,3183%26amtos%3D0,0,0,0,0%26mcvt%3D3183%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3183%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D815%26pst%3D413%26dur%3D6016%26vmtime%3D3138%26dtos%3D989%26dtoss%3D2%26dvs%3D989%26dfvs%3D989%26dvpt%3D989%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1592,1592,1592,1592,1592%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D121%26femvt%3D0%26emc%3D19%26emuc%3D0%26emb%3D17,0,0,0,0%26avms%3Dexc%26qi%3D993401895%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26ptlt%3D3797%26pngs%3D9s,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,3183;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1660360921348;ecn1=0;etm1=0;eid1=210003;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;met=1;ecn1=1;etm1=0;eid1=18;
ade.googlesyndication.com/ddm/activity/ Frame 21C0
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;met=1;ecn1=1;etm1=0;eid1=18;?cb=7877103234344383
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adEngEvent
prod-m-node-2113.ssp.yahoo.com/admax/ Frame 21C0
0
54 B
Image
General
Full URL
https://prod-m-node-2113.ssp.yahoo.com/admax/adEngEvent?tidi=770912229&dcn=8a969574017b7be07f13e163c6300030&posi=1575335&uid=y-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%7EA&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxKUE4.&b=MTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.&hb=true&type=6&a=41e73af2-cc6b-4015-b992-d89d96f3a508&rts=1660360917649&eet=3&cb=9388695144909494
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.120.7 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-120-7.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:04 GMT
content-length
0
server
nginx/1.20.1
ad-engine-flow.gif
trk.vidible.tv/trk/ Frame 21C0
0
66 B
Image
General
Full URL
https://trk.vidible.tv/trk/ad-engine-flow.gif?bcid=56bcd17ce4b018167fea5539&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.onmsft.com&s=true&sid=0536cf9d-89ad-4794-805c-b78387c7a119&vvuid=d6d6736e-3c91-4630-938e-ee87fa56677d&at=preroll&adIdx=1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=452&crt=VPAID%20application%2Fjavascript&stg=q2&aid=533015161&al=6&ap=true&cpm=0&fo=0&h=254&m=true&p.vw.active=1&p.vw.sound=0&vwa=100&vwm=100&cb=0.4917015154471245
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.103.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-103-248.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:05 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
pixel.gif
px.moatads.com/ Frame E3B6
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=29&q=2&hp=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VERIZON_SSP_VIDEO1&ol=1314433452&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VC4NafZqZuc7FwBUS30oB3JRuQXyveKl6wFbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-nFmOVythgEwLgg%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=452&qe=254&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=8&h=254&w=452&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.onmsft.com%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.onmsft.com&lp=https%3A%2F%2Fwww.onmsft.com&t=1660360921040&de=597303311449&cu=1660360921040&m=3902&ar=1da355aa18f-clean&iw=acdcd33&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=175&lg=1&lh=27&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A5101%3A5189%3A53%3A52&aa=1&ad=3093&cn=2088&gn=1&gk=3093&gl=2088&ez=1&co=2088&cp=1648&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3871&cd=2665&ah=3871&am=2665&dq=3254&dr=2048&ds=3254&dt=2048&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=141&vt=209&vd=0&zMoatSRE=0.05979583333333333&zMoatVSD=6.172&dh=6432&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&fh=3093&fi=3093&fj=0&ef=0&eg=1&eh=1&rf=0&re=1&cl=0&at=0&d=55023%3A13614%3A13614%3Ahttps_%2F%2Fwww.onmsft.com%2F&bo=354614&bd=1575335&gw=verizonmediasspvideo234910527399&zMoatOrigSlicer1=354614&zMoatOrigSlicer2=1575335&zMoatParams=tidi%3D770912229%26dcn%3D8a969574017b7be07f13e163c6300030%26posi%3D1575335%26uid%3Dy-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%257EA%26xdi%3DPz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.%26xoi%3DMHxKUE4.%26b%3DMTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.%26a%3D41e73af2-cc6b-4015-b992-d89d96f3a508%26rts%3D1660360917649&ab=3&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=199703&na=674296480&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:22:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 03:22:04 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 7AFA
42 B
64 B
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bl9Ly1xj3Yr7bCseQ29gPzs69sAjoo6qURgAAABABIIOk1EU4AVjqh8m_gwRgifPFhPQTsgEOd3d3Lm9ubXNmdC5jb226AQs2NDB4NDgwX3htbMgBBdoBF2h0dHBzOi8vd3d3Lm9ubXNmdC5jb20vmAIywAIC4AIA6gI-LzE1NDAxMzE1NS8xMDIzNzg4LzcxOTA4L3B1Ymxpc2hlcjoxMDIzNzg4LXdlYnNpdGU6NzE5MDgtdmlkZW_4AoLSHpAD7AmYA-ADqAMB4AQB0gUGEPHjpPUVkAYBoAYkqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDgBx_SCA8IgGEQARgdMgKKAjoCgEDYCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=7Be_RsD50xY&label=videoplaytime50&ad_mt=3138&acvw=sv%3D930%26cb%3Dima%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,254,452%26tos%3D3142,0,0,0,0%26mtos%3D3142,3142,3142,3142,3142%26amtos%3D0,0,0,0,0%26mcvt%3D3142%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3142%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3142%26pst%3D-1%26vpaid%26dur%3D-2%26vmtime%3D-1%26dtos%3D982%26dtoss%3D2%26dvs%3D982%26dfvs%3D982%26dvpt%3D982%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1586,1586,1586,1586,1586%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D467%26femvt%3D0%26emc%3D27%26emuc%3D0%26emb%3D25,0,0,0,0%26avms%3Dexc%26qi%3D392513414%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D6073%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3142&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1660360919463&sdkv=h.3.524.0&vci=CkYIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4ODMxMTM5NjkyDDEzODM3NzU3NzQ1MEBZCmIIARIQcHJlYmlkLmFkbnhzLmNvbRoJWWFob28gU1NQIAIqATEyDzEzNjE0LTQzMzkyMTI3MToFMTM2MTRAflIiEAQlAADwQSgBOgd1bmtub3duQgd1bmtub3duSLoLUABgARgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame E3B6
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VERIZON_SSP_VIDEO1&ol=1314433452&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VC4NafZqZuc7FwBUS30oB3JRuQXyveKl6wFbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-nFmOVythgEwLgg%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=452&qe=254&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=9&h=254&w=452&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.onmsft.com%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.onmsft.com&lp=https%3A%2F%2Fwww.onmsft.com&t=1660360921040&de=597303311449&cu=1660360921040&m=3905&ar=1da355aa18f-clean&iw=acdcd33&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=175&lg=1&lh=27&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A5101%3A5189%3A53%3A52&aa=1&ad=3093&cn=3093&gn=1&gk=3093&gl=3093&ez=1&co=2088&cp=1648&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3871&cd=3871&ah=3871&am=3871&dq=3254&dr=3254&ds=3254&dt=3254&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=209&vt=209&vd=0&zMoatSRE=0.05979583333333333&zMoatVSD=6.172&dh=6432&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&fh=3093&fi=3093&fj=3093&ef=0&eg=1&eh=1&rf=0&re=1&cl=0&at=0&d=55023%3A13614%3A13614%3Ahttps_%2F%2Fwww.onmsft.com%2F&bo=354614&bd=1575335&gw=verizonmediasspvideo234910527399&zMoatOrigSlicer1=354614&zMoatOrigSlicer2=1575335&zMoatParams=tidi%3D770912229%26dcn%3D8a969574017b7be07f13e163c6300030%26posi%3D1575335%26uid%3Dy-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%257EA%26xdi%3DPz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.%26xoi%3DMHxKUE4.%26b%3DMTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.%26a%3D41e73af2-cc6b-4015-b992-d89d96f3a508%26rts%3D1660360917649&ab=3&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=199703&na=608701844&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:22:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 03:22:04 GMT
/
onetag-sys.com/usync/ Frame A975
2 KB
863 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe
Requested by
Host: www.onmsft.com
URL: https://www.onmsft.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.onmsft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pixel.gif
px.moatads.com/ Frame E3B6
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=5&q=2&hp=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VERIZON_SSP_VIDEO1&ol=1314433452&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VC4NafZqZuc7FwBUS30oB3JRuQXyveKl6wFbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-nFmOVythgEwLgg%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=452&qe=254&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=10&h=254&w=452&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.onmsft.com%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.onmsft.com&lp=https%3A%2F%2Fwww.onmsft.com&t=1660360921040&de=597303311449&cu=1660360921040&m=4080&ar=1da355aa18f-clean&iw=acdcd33&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=175&lg=1&lh=27&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A5101%3A5189%3A53%3A52&aa=1&ad=3294&cn=3093&gn=1&gk=3294&gl=3093&ez=1&co=2088&cp=1648&cq=1&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3871&cd=3871&ah=3871&am=3871&dq=3254&dr=3254&ds=3254&dt=3254&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=209&vt=223&vd=0&zMoatSRE=0.05979583333333333&zMoatVSD=6.172&dh=6432&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&fh=3093&fi=3294&fj=3093&ef=0&eg=1&eh=1&rf=0&re=1&cl=0&at=0&d=55023%3A13614%3A13614%3Ahttps_%2F%2Fwww.onmsft.com%2F&bo=354614&bd=1575335&gw=verizonmediasspvideo234910527399&zMoatOrigSlicer1=354614&zMoatOrigSlicer2=1575335&zMoatParams=tidi%3D770912229%26dcn%3D8a969574017b7be07f13e163c6300030%26posi%3D1575335%26uid%3Dy-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%257EA%26xdi%3DPz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.%26xoi%3DMHxKUE4.%26b%3DMTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.%26a%3D41e73af2-cc6b-4015-b992-d89d96f3a508%26rts%3D1660360917649&ab=3&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=199703&na=1259231323&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:22:05 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 03:22:05 GMT
pixel.gif
px.moatads.com/ Frame E3B6
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=3&hp=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VERIZON_SSP_VIDEO1&ol=1314433452&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VC4NafZqZuc7FwBUS30oB3JRuQXyveKl6wFbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-nFmOVythgEwLgg%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=452&qe=254&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=11&h=254&w=452&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.onmsft.com%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.onmsft.com&lp=https%3A%2F%2Fwww.onmsft.com&t=1660360921040&de=597303311449&cu=1660360921040&m=4082&ar=1da355aa18f-clean&iw=acdcd33&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=175&lg=1&lh=27&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A5101%3A5189%3A53%3A52&aa=1&ad=3294&cn=3294&gn=1&gk=3294&gl=3294&ez=1&co=2088&cp=1648&cq=1&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4072&cd=3871&ah=4072&am=3871&dq=3455&dr=3254&ds=3455&dt=3254&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=223&vt=223&vd=0&zMoatSRE=0.05979583333333333&zMoatVSD=6.172&dh=6432&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&fh=3093&fi=3294&fj=3294&ef=0&eg=1&eh=1&rf=0&re=1&cl=0&at=0&d=55023%3A13614%3A13614%3Ahttps_%2F%2Fwww.onmsft.com%2F&bo=354614&bd=1575335&gw=verizonmediasspvideo234910527399&zMoatOrigSlicer1=354614&zMoatOrigSlicer2=1575335&zMoatParams=tidi%3D770912229%26dcn%3D8a969574017b7be07f13e163c6300030%26posi%3D1575335%26uid%3Dy-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%257EA%26xdi%3DPz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.%26xoi%3DMHxKUE4.%26b%3DMTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.%26a%3D41e73af2-cc6b-4015-b992-d89d96f3a508%26rts%3D1660360917649&ab=3&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=199703&na=211161381&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:22:05 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 03:22:05 GMT
dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;av=1;acvw=sv%3D930%26cb%3Dima%26e%3D3%...
ade.googlesyndication.com/ddm/activity/ Frame 8C2A
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;av=1;acvw=sv%3D930%26cb%3Dima%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,254,452%26tos%3D4790,0,0,0,0%26mtos%3D4790,4790,4790,4790,4790%26amtos%3D0,0,0,0,0%26mcvt%3D4790%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4790%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1218%26pst%3D413%26dur%3D6016%26vmtime%3D4737%26dtos%3D1607%26dtoss%3D3%26dvs%3D1607%26dfvs%3D1607%26dvpt%3D1607%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1607,1607,1607,1607,1607%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D121%26femvt%3D0%26emc%3D27%26emuc%3D0%26emb%3D25,0,0,0,0%26avms%3Dexc%26qi%3D993401895%26psm%3D-2147483617%26psv%3D-2147483617%26psfv%3D-2147483617%26psa%3D0%26ptlt%3D5404%26pngs%3D9s,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,4790;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1660360921348;ecn1=0;etm1=0;eid1=210004;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;met=1;ecn1=1;etm1=0;eid1=960585;
ade.googlesyndication.com/ddm/activity/ Frame 21C0
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;met=1;ecn1=1;etm1=0;eid1=960585;?cb=8052728491020134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adEngEvent
prod-m-node-2113.ssp.yahoo.com/admax/ Frame 21C0
0
54 B
Image
General
Full URL
https://prod-m-node-2113.ssp.yahoo.com/admax/adEngEvent?tidi=770912229&dcn=8a969574017b7be07f13e163c6300030&posi=1575335&uid=y-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%7EA&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxKUE4.&b=MTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.&hb=true&type=6&a=41e73af2-cc6b-4015-b992-d89d96f3a508&rts=1660360917649&eet=4&cb=22727174028177033
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.120.7 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-120-7.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:06 GMT
content-length
0
server
nginx/1.20.1
ad-engine-flow.gif
trk.vidible.tv/trk/ Frame 21C0
0
66 B
Image
General
Full URL
https://trk.vidible.tv/trk/ad-engine-flow.gif?bcid=56bcd17ce4b018167fea5539&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.onmsft.com&s=true&sid=0536cf9d-89ad-4794-805c-b78387c7a119&vvuid=d6d6736e-3c91-4630-938e-ee87fa56677d&at=preroll&adIdx=1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=452&crt=VPAID%20application%2Fjavascript&stg=q3&aid=533015161&al=6&ap=true&cpm=0&fo=0&h=254&m=true&p.vw.active=1&p.vw.sound=0&vwa=100&vwm=100&cb=0.07364760657000824
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.103.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-103-248.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:06 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
pixel.gif
px.moatads.com/ Frame E3B6
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=29&q=3&hp=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VERIZON_SSP_VIDEO1&ol=1314433452&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VC4NafZqZuc7FwBUS30oB3JRuQXyveKl6wFbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-nFmOVythgEwLgg%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=452&qe=254&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=12&h=254&w=452&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.onmsft.com%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.onmsft.com&lp=https%3A%2F%2Fwww.onmsft.com&t=1660360921040&de=597303311449&cu=1660360921040&m=5513&ar=1da355aa18f-clean&iw=acdcd33&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=175&lg=1&lh=27&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A5101%3A5189%3A53%3A52&aa=1&ad=4724&cn=3294&gn=1&gk=4724&gl=3294&ez=1&co=2088&cp=1648&cq=1&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5502&cd=4072&ah=5502&am=4072&dq=4885&dr=3455&ds=4885&dt=3455&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=223&vt=320&vd=0&zMoatSRE=0.05979583333333333&zMoatVSD=6.172&dh=6432&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&fh=3093&fi=4724&fj=3294&ef=0&eg=1&eh=1&ei=1&rf=0&re=1&cl=0&at=0&d=55023%3A13614%3A13614%3Ahttps_%2F%2Fwww.onmsft.com%2F&bo=354614&bd=1575335&gw=verizonmediasspvideo234910527399&zMoatOrigSlicer1=354614&zMoatOrigSlicer2=1575335&zMoatParams=tidi%3D770912229%26dcn%3D8a969574017b7be07f13e163c6300030%26posi%3D1575335%26uid%3Dy-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%257EA%26xdi%3DPz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.%26xoi%3DMHxKUE4.%26b%3DMTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.%26a%3D41e73af2-cc6b-4015-b992-d89d96f3a508%26rts%3D1660360917649&ab=3&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=199703&na=100199048&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:22:06 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 03:22:06 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 7AFA
42 B
64 B
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bl9Ly1xj3Yr7bCseQ29gPzs69sAjoo6qURgAAABABIIOk1EU4AVjqh8m_gwRgifPFhPQTsgEOd3d3Lm9ubXNmdC5jb226AQs2NDB4NDgwX3htbMgBBdoBF2h0dHBzOi8vd3d3Lm9ubXNmdC5jb20vmAIywAIC4AIA6gI-LzE1NDAxMzE1NS8xMDIzNzg4LzcxOTA4L3B1Ymxpc2hlcjoxMDIzNzg4LXdlYnNpdGU6NzE5MDgtdmlkZW_4AoLSHpAD7AmYA-ADqAMB4AQB0gUGEPHjpPUVkAYBoAYkqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDgBx_SCA8IgGEQARgdMgKKAjoCgEDYCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=7Be_RsD50xY&label=videoplaytime75&ad_mt=4737&acvw=sv%3D930%26cb%3Dima%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,254,452%26tos%3D4752,0,0,0,0%26mtos%3D4752,4752,4752,4752,4752%26amtos%3D0,0,0,0,0%26mcvt%3D4752%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4752%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D4752%26pst%3D-1%26vpaid%26dur%3D-2%26vmtime%3D-1%26dtos%3D1610%26dtoss%3D3%26dvs%3D1610%26dfvs%3D1610%26dvpt%3D1610%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1610,1610,1610,1610,1610%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D467%26femvt%3D0%26emc%3D35%26emuc%3D0%26emb%3D33,0,0,0,0%26avms%3Dexc%26qi%3D392513414%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D7682%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4752&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1660360919463&sdkv=h.3.524.0&vci=CkYIAhIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4ODMxMTM5NjkyDDEzODM3NzU3NzQ1MEBZCmIIARIQcHJlYmlkLmFkbnhzLmNvbRoJWWFob28gU1NQIAIqATEyDzEzNjE0LTQzMzkyMTI3MToFMTM2MTRAflIiEAQlAADwQSgBOgd1bmtub3duQgd1bmtub3duSLoLUABgARgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame E3B6
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=4&hp=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VERIZON_SSP_VIDEO1&ol=1314433452&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VC4NafZqZuc7FwBUS30oB3JRuQXyveKl6wFbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-nFmOVythgEwLgg%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=452&qe=254&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=13&h=254&w=452&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.onmsft.com%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.onmsft.com&lp=https%3A%2F%2Fwww.onmsft.com&t=1660360921040&de=597303311449&cu=1660360921040&m=5712&ar=1da355aa18f-clean&iw=acdcd33&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=175&lg=1&lh=27&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A5101%3A5189%3A53%3A52&aa=1&ad=4927&cn=4724&gn=1&gk=4927&gl=4724&ez=1&co=2088&cp=1648&cq=1&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5705&cd=5502&ah=5705&am=5502&dq=5088&dr=4885&ds=5088&dt=4885&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&vm=1&vl=320&vt=334&vd=0&zMoatSRE=0.05979583333333333&zMoatVSD=6.172&dh=6432&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&fh=3093&fi=4927&fj=4724&ef=0&eg=1&eh=1&ei=1&rf=0&re=1&cl=0&at=0&d=55023%3A13614%3A13614%3Ahttps_%2F%2Fwww.onmsft.com%2F&bo=354614&bd=1575335&gw=verizonmediasspvideo234910527399&zMoatOrigSlicer1=354614&zMoatOrigSlicer2=1575335&zMoatParams=tidi%3D770912229%26dcn%3D8a969574017b7be07f13e163c6300030%26posi%3D1575335%26uid%3Dy-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%257EA%26xdi%3DPz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.%26xoi%3DMHxKUE4.%26b%3DMTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.%26a%3D41e73af2-cc6b-4015-b992-d89d96f3a508%26rts%3D1660360917649&ab=3&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=199703&na=921578308&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:22:06 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 03:22:06 GMT
pixel.gif
px.moatads.com/ Frame E3B6
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=30&q=0&hp=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VERIZON_SSP_VIDEO1&ol=1314433452&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VC4NafZqZuc7FwBUS30oB3JRuQXyveKl6wFbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-nFmOVythgEwLgg%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=452&qe=254&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=14&h=254&w=452&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.onmsft.com%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.onmsft.com&lp=https%3A%2F%2Fwww.onmsft.com&t=1660360921040&de=597303311449&cu=1660360921040&m=5916&ar=1da355aa18f-clean&iw=acdcd33&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=175&lg=1&lh=27&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A5101%3A5189%3A53%3A52&aa=1&ad=5129&cn=4927&gn=1&gk=5129&gl=4927&ez=1&co=2088&cp=1648&cq=1&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5907&cd=5705&ah=5907&am=5705&dq=5290&dr=5088&ds=5290&dt=5088&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&vm=1&vl=334&vt=348&vd=0&zMoatSRE=0.05979583333333333&zMoatVSD=6.172&dh=6432&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ek=1&fh=3093&fi=5129&fj=4927&ef=0&eg=1&eh=1&ei=1&rf=0&re=1&cl=0&at=0&d=55023%3A13614%3A13614%3Ahttps_%2F%2Fwww.onmsft.com%2F&bo=354614&bd=1575335&gw=verizonmediasspvideo234910527399&zMoatOrigSlicer1=354614&zMoatOrigSlicer2=1575335&zMoatParams=tidi%3D770912229%26dcn%3D8a969574017b7be07f13e163c6300030%26posi%3D1575335%26uid%3Dy-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%257EA%26xdi%3DPz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.%26xoi%3DMHxKUE4.%26b%3DMTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.%26a%3D41e73af2-cc6b-4015-b992-d89d96f3a508%26rts%3D1660360917649&ab=3&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=199703&na=114893696&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:22:06 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 03:22:06 GMT
collect
e.clarity.ms/
0
48 B
XHR
General
Full URL
https://e.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.39/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
https://www.onmsft.com
date
Sat, 13 Aug 2022 03:22:06 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;av=1;acvw=sv%3D930%26cb%3Dima%26e%3D4%...
ade.googlesyndication.com/ddm/activity/ Frame 8C2A
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;av=1;acvw=sv%3D930%26cb%3Dima%26e%3D4%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,254,452%26p0%3D0,0,254,452%26p1%3D0,0,254,452%26p2%3D0,0,254,452%26p3%3D0,0,254,452%26tos%3D6067,0,0,0,0%26mtos%3D6067,6067,6067,6067,6067%26amtos%3D0,0,0,0,0%26mtos1%3D1591,0,0%26mtos2%3D1592,0,0%26mtos3%3D1607,0,0%26mcvt%3D6067%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D6067%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1633%26pst%3D413%26dur%3D6016%26vmtime%3D6016%26dtos%3D1277%26dtoss%3D4%26dvs%3D1277%26dfvs%3D1277%26dvpt%3D1277%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1277,1277,1277,1277,1277%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D121%26femvt%3D0%26emc%3D33%26emuc%3D0%26emb%3D31,0,0,0,0%26avms%3Dexc%26qi%3D993401895%26psm%3D-2147483521%26psv%3D-2147483521%26psfv%3D-2147483521%26psa%3D0%26ptlt%3D6681%26pngs%3D9s,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,6067%26ss0%3D0.05%26ss1%3D0.05%26ss2%3D0.05%26ss3%3D0.05;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1660360921348;ecn1=0;etm1=0;eid1=210005;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;met=1;ecn1=1;etm1=0;eid1=13;
ade.googlesyndication.com/ddm/activity/ Frame 21C0
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj6GDt-7C-QIVA4TpBR3RrgHEEAAYACDA-ZZTOhoI4q-i2QIQuY-6xvwDGPHB4uADIP-7zfGYEEITCI7EybXuwvkCFZdaKwodxyoAGA;dc_rmcid=CAASBORohro;eps=CIBhEAEYHzICigI6AoBA;met=1;ecn1=1;etm1=0;eid1=13;?cb=2352533437323141
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adEngEvent
prod-m-node-2113.ssp.yahoo.com/admax/ Frame 21C0
0
54 B
Image
General
Full URL
https://prod-m-node-2113.ssp.yahoo.com/admax/adEngEvent?tidi=770912229&dcn=8a969574017b7be07f13e163c6300030&posi=1575335&uid=y-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%7EA&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxKUE4.&b=MTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.&hb=true&type=6&a=41e73af2-cc6b-4015-b992-d89d96f3a508&rts=1660360917649&eet=5&cb=35569577940252683
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.120.7 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-120-7.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:07 GMT
content-length
0
server
nginx/1.20.1
ad-engine-flow.gif
trk.vidible.tv/trk/ Frame 21C0
0
0

csi
csi.gstatic.com/ Frame 8C2A
0
0

csi
csi.gstatic.com/ Frame B368
0
0

pixel.gif
px.moatads.com/ Frame E3B6
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=28&q=0&hp=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VERIZON_SSP_VIDEO1&ol=1314433452&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VC4NafZqZuc7FwBUS30oB3JRuQXyveKl6wFbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-nFmOVythgEwLgg%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=452&qe=254&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=15&h=254&w=452&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.onmsft.com%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.onmsft.com&lp=https%3A%2F%2Fwww.onmsft.com&t=1660360921040&de=597303311449&cu=1660360921040&m=6929&ar=1da355aa18f-clean&iw=acdcd33&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=175&lg=1&lh=27&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A5101%3A5189%3A53%3A52&aa=1&ad=5950&cn=5129&gn=1&gk=5950&gl=5129&ez=1&co=2088&cp=1648&cq=1&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6728&cd=5907&ah=6728&am=5907&dq=6111&dr=5290&ds=6111&dt=5290&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&vm=1&vl=348&vt=403&vd=0&zMoatSRE=0.05979583333333333&zMoatVSD=6.172&dh=6432&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ea=1&ek=1&fh=3093&fi=5950&fj=5129&ef=0&eg=1&eh=1&ei=1&rf=0&re=1&cl=0&at=0&d=55023%3A13614%3A13614%3Ahttps_%2F%2Fwww.onmsft.com%2F&bo=354614&bd=1575335&gw=verizonmediasspvideo234910527399&zMoatOrigSlicer1=354614&zMoatOrigSlicer2=1575335&zMoatParams=tidi%3D770912229%26dcn%3D8a969574017b7be07f13e163c6300030%26posi%3D1575335%26uid%3Dy-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%257EA%26xdi%3DPz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.%26xoi%3DMHxKUE4.%26b%3DMTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.%26a%3D41e73af2-cc6b-4015-b992-d89d96f3a508%26rts%3D1660360917649&ab=3&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=199703&na=2083158761&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:22:07 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 03:22:07 GMT
pixel.gif
px.moatads.com/ Frame E3B6
43 B
274 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=21&q=0&hp=1&ra=2&vz=-&zp=5&zq=1.0&sgs=2&vb=-1&kq=1&lo=0&tr=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VERIZON_SSP_VIDEO1&ol=1314433452&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VC4NafZqZuc7FwBUS30oB3JRuQXyveKl6wFbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-nFmOVythgEwLgg%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=452&qe=254&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=16&h=254&w=452&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.onmsft.com%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.onmsft.com&lp=https%3A%2F%2Fwww.onmsft.com&t=1660360921040&de=597303311449&cu=1660360921040&m=6933&ar=1da355aa18f-clean&iw=acdcd33&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=175&lg=1&lh=27&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A5101%3A5189%3A53%3A52&aa=1&ad=5950&cn=5950&gn=1&gk=5950&gl=5950&ez=1&co=2088&cp=1648&cq=1&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6728&cd=6728&ah=6728&am=6728&dq=6111&dr=6111&ds=6111&dt=6111&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&vm=1&vl=403&vt=403&vd=0&zMoatSRE=0.05979583333333333&zMoatVSD=6.172&dh=6432&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ea=1&ek=1&fh=3093&fi=5950&fj=5950&ef=0&eg=1&eh=1&ei=1&rf=0&re=1&cl=0&at=0&d=55023%3A13614%3A13614%3Ahttps_%2F%2Fwww.onmsft.com%2F&bo=354614&bd=1575335&gw=verizonmediasspvideo234910527399&zMoatOrigSlicer1=354614&zMoatOrigSlicer2=1575335&zMoatParams=tidi%3D770912229%26dcn%3D8a969574017b7be07f13e163c6300030%26posi%3D1575335%26uid%3Dy-4.ExDgtE2rOXULMEkQR5ji5Lw1Z5Cz.bzMTgM27GpNqq%257EA%26xdi%3DPz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.%26xoi%3DMHxKUE4.%26b%3DMTM2MTQ7NjkwNDgwMTg3O3dvbHQuY29tOzs7O2NlNGRjMjhjZDBlZjQyNmU4ODU4NWZjNWI4Y2I5ZDM4OzQyNDMyOTg4OzE2NjAzNTc4NDY7OzAuMDAwMDUyOTQ2OzswOzs0MzM5MjEyNzE7NGY0OTRiOTBhN2U3OTJjYjVhM2Y4ZDM2ZTBiOTEwYzIwOTRjMDkxMzsyOzE.%26a%3D41e73af2-cc6b-4015-b992-d89d96f3a508%26rts%3D1660360917649&ab=3&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=199703&na=1625641072&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.53.234 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-53-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Sat, 13 Aug 2022 03:22:07 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 13 Aug 2022 03:22:07 GMT
csi
csi.gstatic.com/ Frame 7AFA
0
0

playwire
playwire.technoratimedia.com/openrtb/bids/ Frame
0
0
Preflight
General
Full URL
https://playwire.technoratimedia.com/openrtb/bids/playwire?src=prebid_prebid_6.26.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.onmsft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://www.onmsft.com
date
Sat, 13 Aug 2022 03:22:08 GMT
server
nginx
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.onmsft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.onmsft.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 13 Aug 2022 03:22:08 GMT
server
ATS/9.1.10.25
280311
search.spotxchange.com/openrtb/2.3/dados/
0
983 B
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/280311?src_sys=prebid
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.71.26.124 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Aug 2022 03:22:08 GMT
X-SpotX-Timing-Transform
0.000325
X-SpotX-Timing-SpotMarket
0.050052
X-SpotX-Timing-Page-Mux
0.000798
X-SpotX-Timing-Page-Require
0.000329
X-fe
049
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.053544
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000273
Last-Modified
Sat, 13 Aug 2022 03:22:08 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.050052
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.onmsft.com
X-SpotX-Timing-Page-Misc
0.001751
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cygnus
htlb.casalemedia.com/
38 B
574 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=505013&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2230663a6201c952e6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%2C%22domain%22%3A%22onmsft.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22onmsft.com%22%7D%2C%22cat%22%3A%5B%22IAB681%22%2C%22IAB19%22%2C%22IAB596%22%5D%2C%22sectioncat%22%3A%5B%22IAB681%22%2C%22IAB19%22%2C%22IAB596%22%5D%2C%22pagecat%22%3A%5B%22IAB681%22%2C%22IAB19%22%2C%22IAB596%22%5D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.26.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223073ebfd645dc078%22%2C%22ext%22%3A%7B%22siteID%22%3A%22505013%22%2C%22sid%22%3A%22640x480%22%7D%2C%22video%22%3A%7B%22playerType%22%3A%22HTML5%22%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22maxduration%22%3A300%2C%22minduration%22%3A5%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22playerSize%22%3A%5B%5B640%2C480%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A1%2C%22w%22%3A640%2C%22h%22%3A480%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22playwire.com%22%2C%22sid%22%3A%221023788%22%2C%22hp%22%3A1%2C%22rid%22%3A%2241e73af2-cc6b-4015-b992-d89d96f3a508%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*-raV6h5T-p7PrFEw2K6cDNlcLbtFxiZ-f1VLvaqdZeUem65YsBcZLk5YHPv1T0FK%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22crwdcntrl.net%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22428ccc7f004d70508aac3651c28716d53938b6d6f6c2aa6a116d595ce3a1669d%22%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224d32b779-8c4b-4970-b127-677768b23296%22%7D%5D%7D%2C%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3A60S0hx3vG3h_6LjtiKWLa4RSoNgQ7i0o3EkKY_cjH8HZ0RIaHwC8LqMPa3LxTqsIJwPSwmhGuGm7enFbHiIZHS_c2HIv60d-BQYjZ75XeTe7WLdTDuvmHzfOMBDdTesm%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22fabrickId%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
819dccfc6b2767f352428e3b8e9fbb798bcdec98d51e536113fac012b5f2fdd9

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:22:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itzt6xD8GPoPYS5%2B9NpcBF%2BJtdfRsNI7zOpRETRecBjdGx%2BZd50MufcjR8cRkE0Oi5Z4KD5p1lBvTmNl%2Fm3%2BDdXV%2B%2ByKccHrL70quF7xd0K2TNy7w94yp2dMknWcRwZNb8pnueWY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.onmsft.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
739e5318288a8a6c-NRT
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
186 B
408 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.237.6 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-237-6.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
cecb64ebb026fee9c84d09c2070c63b09e7853d130a97273b043ccec2d821ccf

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:08 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.onmsft.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
avjp
playwire-d.openx.net/v/1.0/
106 B
127 B
XHR
General
Full URL
https://playwire-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.onmsft.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4012d8d7-bad8-4596-b064-4fbcf764cae3&nocache=1660360928027&id5id=ID5*-raV6h5T-p7PrFEw2K6cDNlcLbtFxiZ-f1VLvaqdZeUem65YsBcZLk5YHPv1T0FK&lotameid=428ccc7f004d70508aac3651c28716d53938b6d6f6c2aa6a116d595ce3a1669d&pubcid=e370000a-1856-4838-adbf-a65463269849&nuestarid=E1%3A60S0hx3vG3h_6LjtiKWLa4RSoNgQ7i0o3EkKY_cjH8HZ0RIaHwC8LqMPa3LxTqsIJwPSwmhGuGm7enFbHiIZHS_c2HIv60d-BQYjZ75XeTe7WLdTDuvmHzfOMBDdTesm&schain=1.0%2C1!playwire.com%2C1023788%2C1%2C41e73af2-cc6b-4015-b992-d89d96f3a508%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A640%2C%22h%22%3A480%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%2C%22application%2Fx-mpegURL%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22maxduration%22%3A30%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22minduration%22%3A1%2C%22startdelay%22%3A0%2C%22placement%22%3A1%7D%7D%5D%7D&auid=540570750&vwd=640&vht=480
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:08 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.onmsft.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
playwire
playwire.technoratimedia.com/openrtb/bids/
0
293 B
XHR
General
Full URL
https://playwire.technoratimedia.com/openrtb/bids/playwire?src=prebid_prebid_6.26.0
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 03:22:09 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
1026347162
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
tag
bktr2-06hdl.ads.tremorhub.com/ad/
55 B
662 B
XHR
General
Full URL
https://bktr2-06hdl.ads.tremorhub.com/ad/tag?adCode=bktr2-g87mf&playerWidth=640&playerHeight=480&srcPageUrl=https%3A%2F%2Fwww.onmsft.com%2F&supplyCode=bktr2-06hdl&videoId=MyCoolVideo&schain=1.0,1!playwire.com,1023788,1,41e73af2-cc6b-4015-b992-d89d96f3a508,,&transactionId=4012d8d7-bad8-4596-b064-4fbcf764cae3&referrer=https%3A%2F%2Fwww.onmsft.com%2F&hb=1&fmt=json
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:9ea:6f32:84aa:52f7:20ec:e756 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a19b99d0180f86d4495c328a87bd2bf8dbe8dea13ebf1d9d266bdf2e223d9b2a

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:08 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.onmsft.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8
bidRequest
c2shb.pubgw.yahoo.com/
12 KB
12 KB
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
35204a08903708f7d8d34ca5d8f5cd0c56695e147826005312d62aa49a3fb6ff

Request headers

Referer
https://www.onmsft.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Aug 2022 03:22:08 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
12134
trinity.json
apex.go.sonobi.com/
1 KB
2 KB
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%223193ff7d3f75f8d2%22%3A%22e45e3d0af219aa5f137f%7C%7Cf%3D1%22%7D&ref=https%3A%2F%2Fwww.onmsft.com%2F&s=421e0d2e-ea35-4238-b0f6-464837904440&pv=df45705a-6057-415c-aa27-0a777bda7356&vp=desktop&lib_name=prebid&lib_v=6.26.0&us=8&fpd=%7B%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.onmsft.com%2F%22%2C%22domain%22%3A%22onmsft.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22onmsft.com%22%7D%2C%22cat%22%3A%5B%22IAB681%22%2C%22IAB19%22%2C%22IAB596%22%5D%2C%22sectioncat%22%3A%5B%22IAB681%22%2C%22IAB19%22%2C%22IAB596%22%5D%2C%22pagecat%22%3A%5B%22IAB681%22%2C%22IAB19%22%2C%22IAB596%22%5D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%7D&ius=0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22playwire.com%22%2C%22sid%22%3A%221023788%22%2C%22hp%22%3A1%2C%22rid%22%3A%22bb34c2f4-e988-4ee4-adb1-346707974ba3%22%7D%5D%7D&userid=%7B%22id5id%22%3A%22ID5*-raV6h5T-p7PrFEw2K6cDNlcLbtFxiZ-f1VLvaqdZeUem65YsBcZLk5YHPv1T0FK%22%2C%22lotamePanoramaId%22%3A%22428ccc7f004d70508aac3651c28716d53938b6d6f6c2aa6a116d595ce3a1669d%22%2C%22pubcid%22%3A%224d32b779-8c4b-4970-b127-677768b23296%22%2C%22fabrickId%22%3A%22E1%3A60S0hx3vG3h_6LjtiKWLa4RSoNgQ7i0o3EkKY_cjH8HZ0RIaHwC8LqMPa3LxTqsIJwPSwmhGuGm7enFbHiIZHS_c2HIv60d-BQYjZ75XeTe7WLdTDuvmHzfOMBDdTesm%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*-raV6h5T-p7PrFEw2K6cDNlcLbtFxiZ-f1VLvaqdZeUem65YsBcZLk5YHPv1T0FK%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22crwdcntrl.net%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22428ccc7f004d70508aac3651c28716d53938b6d6f6c2aa6a116d595ce3a1669d%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224d32b779-8c4b-4970-b127-677768b23296%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3A60S0hx3vG3h_6LjtiKWLa4RSoNgQ7i0o3EkKY_cjH8HZ0RIaHwC8LqMPa3LxTqsIJwPSwmhGuGm7enFbHiIZHS_c2HIv60d-BQYjZ75XeTe7WLdTDuvmHzfOMBDdTesm%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.78 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
1c6522a7ff4efc80ee2bc2c65ce8d4018abd2a37594814582d1f366cf9ff834c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:08 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-50
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.onmsft.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
613
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
59 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.onmsft.com
date
Sat, 13 Aug 2022 03:22:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/209569/0/
0
162 B
XHR
General
Full URL
https://tag.1rx.io/rmp/209569/0/mvo?z=1r&hbv=6.26,2.1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.42 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.onmsft.com
pragma
no-cache
date
Sat, 13 Aug 2022 03:22:08 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
hbjson
grid.bidswitch.net/
25 B
366 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7424679218c6d64bfeab8a2eef5779b0749566664e4ef4ab12ed00eee6e8bc9d

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Aug 2022 03:22:08 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.onmsft.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
v1
btlr.sharethrough.com/universal/
503 B
710 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.37.224 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-37-224.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
1213fe81469feb279c1da8753c9c20d28f5554ed2eb57f205cda4b4bf7d02813

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Aug 2022 03:22:08 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
content-length
386
prebid
prebid.media.net/rtb/
646 B
456 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIBM874
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7e59238b8efa9621669a0893e91a587988f63cd6e77d755b169dfacb58e282bc

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:08 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
107
alt-svc
clear
via
1.1 google
prebid
ib.adnxs.com/ut/v3/
139 B
988 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6840b34a8a2c6dec3d53d34a5a49f803470cb54f242e69d56266ec5bbef785a2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:08 GMT
X-Proxy-Origin
217.138.252.170; 217.138.252.170; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c2fe912e-0302-4aae-8b1d-87907a507d84
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.onmsft.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cache
prebid.adnxs.com/pbc/v1/
63 B
324 B
XHR
General
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/prebid/prebid.js.br
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.250.0.199 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
754eabb81d2125c2ff920b2f7fb6c2fe24ecc1de5090ad3c49aec6f7bc22c56e

Request headers

Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 13 Aug 2022 03:22:08 GMT
Server
nginx/1.21.3
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.onmsft.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
bridge3.524.0_en.html
imasdk.googleapis.com/js/core/ Frame 8564
635 KB
205 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.524.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d0b5a63ca5e36540e2628599ba666ef0ac2bd34f8ea5f25c9a51b0e4c72fed2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.playwire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
10582
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210237
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 00:25:47 GMT
expires
Sun, 13 Aug 2023 00:25:47 GMT
last-modified
Mon, 08 Aug 2022 18:34:29 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8564
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8564
0
24 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?aot=ib&tte=f&lid=158&sdkv=h.3.524.0&id=ima_html5&c=808247581106976&domain=cdn.playwire.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8564
0
24 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?blob=nullPromise&lid=155&sdkv=h.3.524.0&id=ima_html5&c=808247581106976&domain=cdn.playwire.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame E3B6
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.playwire.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8564
0
24 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?mode=2&lid=41&sdkv=h.3.524.0&id=ima_html5&c=808247581106976&domain=cdn.playwire.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8564
0
24 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type=xfp&ctv=0&lid=6&sdkv=h.3.524.0&e=31061774%2C44731964%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&id=ima_html5&c=808247581106976&domain=cdn.playwire.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8564
0
24 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.4821338734831617&time=1660360929278&lid=43&sdkv=h.3.524.0&e=31061774%2C44731964%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&id=ima_html5&c=808247581106976&domain=cdn.playwire.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 8564
156 B
142 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?sz=640x480&iu=%2F154013155%2C22522311865%2F1023788%2F71908%2Fpublisher%3A1023788-website%3A71908-video&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&url=https%3A%2F%2Fwww.onmsft.com%2F&description_url=https%3A%2F%2Fwww.onmsft.com%2F&correlator=148055768449396&vad_type=linear&cust_params=hb_bidder%3Dyahoossp%26hb_val%3D0.00%26hb_uuid%3D8ea2d853-3a1e-4634-854d-22e3578e9e54%26adunit%3Dtrendi_video%26instream%3Dtrue%26owning_pub_id%3D1023788%26player_height%3D0%26player_width%3D452%26synd%3Dfalse%26vid_long_form%3Dfalse%26window_width%3D1600%26window_height%3D1200%26sitecont_cat%3Dgames_hardcore%2Ctechnology%26custom_path%3DROS%26ad_clicker%3Dfalse%26ab_test%3Dna_A%26hb_test%3D2022-07-15_b%26pagecount%3D1%26vid_location%3Dcorner%26product%3Dads_only%26sticky%3Dtrue%26trendi%3Dfalse%26refresh_count%3D1%26abs_dist_top%3D950%26abs_dist_left%3D1350%26rel_dist_bottom%3D20%26rel_dist_left%3D80%26browser%3DChrome%20104%26hour%3D3%26day%3DSaturday&pmnd=0&pmxd=30000&pmad=3&vpa=auto&vpmute=1&sdkv=h.3.524.0&osd=2&frm=2&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=928570498&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.524.0&sid=A935E813-76F1-4122-927F-C9DAA906F74E&nel=0&eid=31061774%2C44731964%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&ref=https%3A%2F%2Fwww.onmsft.com%2F&dlt=1660360916869&idt=12388&dt=1660360929281&scor=4272226788940994&ged=ve4_td12_tt10_pd12_la12000_er0.0.154.300_vi0.0.254.452_vp100_ts10_eb24427
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.524.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8564
0
24 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1660360929279&timeout=f&logid=0.4821338734831617&timediff=1&lid=43&sdkv=h.3.524.0&e=31061774%2C44731964%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&id=ima_html5&c=808247581106976&domain=cdn.playwire.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8564
0
24 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?rt=xfp&lid=17&sdkv=h.3.524.0&e=31061774%2C44731964%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&id=ima_html5&c=808247581106976&domain=cdn.playwire.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.524.0_en.html
imasdk.googleapis.com/js/core/ Frame 48A2
635 KB
205 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.524.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d0b5a63ca5e36540e2628599ba666ef0ac2bd34f8ea5f25c9a51b0e4c72fed2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.playwire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
10582
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210237
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Aug 2022 00:25:47 GMT
expires
Sun, 13 Aug 2023 00:25:47 GMT
last-modified
Mon, 08 Aug 2022 18:34:29 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E3B6
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.playwire.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Aug 2022 03:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 48A2
156 B
142 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?sz=640x480&iu=%2F154013155%2C22522311865%2F1023788%2F71908%2Fpublisher%3A1023788-website%3A71908-video&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&url=https%3A%2F%2Fwww.onmsft.com%2F&description_url=https%3A%2F%2Fwww.onmsft.com%2F&correlator=1653846861319255&vad_type=linear&cust_params=adunit%3Dtrendi_video%26instream%3Dtrue%26owning_pub_id%3D1023788%26player_height%3D0%26player_width%3D452%26synd%3Dfalse%26vid_long_form%3Dfalse%26window_width%3D1600%26window_height%3D1200%26sitecont_cat%3Dgames_hardcore%2Ctechnology%26custom_path%3DROS%26ad_clicker%3Dfalse%26ab_test%3Dna_A%26hb_test%3D2022-07-15_b%26pagecount%3D1%26vid_location%3Dcorner%26product%3Dads_only%26sticky%3Dtrue%26trendi%3Dfalse%26refresh_count%3D1%26abs_dist_top%3D950%26abs_dist_left%3D1350%26rel_dist_bottom%3D20%26rel_dist_left%3D80%26browser%3DChrome%20104%26hour%3D3%26day%3DSaturday&pmnd=0&pmxd=30000&pmad=3&vpa=auto&vpmute=1&sdkv=h.3.524.0&osd=2&frm=2&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=928570498&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.524.0&sid=A935E813-76F1-4122-927F-C9DAA906F74E&nel=0&eid=31061774%2C44731964%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&ref=https%3A%2F%2Fwww.onmsft.com%2F&dlt=1660360916869&idt=12755&dt=1660360929661&scor=3963446997582135&ged=ve4_td13_tt11_pd13_la13000_er0.0.154.300_vi0.0.254.452_vp100_ts1_eb24427
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.524.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
display_backfill.5040679268e0cd8ba762.js
cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/ Frame E3B6
5 KB
2 KB
Script
General
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/display_backfill.5040679268e0cd8ba762.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/zeus_boot.efc03e3eeedd10cb747f.js?efc03e3eeedd10cb747f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:9a00:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0bc95a9b185bd9001dde9ad1ecf9871ac767af070f1c0d67183191ec3db0979

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
ETfq7SY4P58Psl.W6JXE1xlFlA58vz7M
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 04:09:59 GMT
server
AmazonS3
age
22426
etag
W/"4b0661462032fabdff55f4d9e622d2dd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
date
Sat, 13 Aug 2022 01:32:03 GMT
x-amz-cf-pop
NRT57-C3
x-amz-cf-id
7ZvCfTI61E9_Yhz0HQPlqGoC7sTPLqLyEeUd1bRKC8k1L4nL2nh8WA==
collect
e.clarity.ms/
0
48 B
XHR
General
Full URL
https://e.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.39/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.onmsft.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
https://www.onmsft.com
date
Sat, 13 Aug 2022 03:22:11 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8564
0
25 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?cslots=0&dispcorr=0&streamcorr=0&loc=https%3A%2F%2Fwww.onmsft.com&ref=https%3A%2F%2Fcdn.playwire.com%2F&gcasclass=1&vpaidadapter=f&ifstate=2&lid=70&sdkv=h.3.524.0&e=31061774%2C44731964%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&id=ima_html5&c=808247581106976&domain=cdn.playwire.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8564
0
25 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?csrvinit=1&lid=151&sdkv=h.3.524.0&e=31061774%2C44731964%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&id=ima_html5&c=808247581106976&domain=cdn.playwire.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 03:22:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/
177 B
541 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.onmsft.com%2F&pid=BPZPVF0gL418r&cb=1&ws=1600x1200&v=22.8.42053&t=1400&slots=%5B%7B%22sd%22%3A%22leaderboard_atf%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C22522311865%2F1023788%2F71908%2F1023788-71908-desktop_leaderboard%22%7D%5D&schain=1.0%2C1!playwire.com%2C1023788%2C1%2Cbb34c2f4-e988-4ee4-adb1-346707974ba3%2C%2C&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*-raV6h5T-p7PrFEw2K6cDNlcLbtFxiZ-f1VLvaqdZeUem65YsBcZLk5YHPv1T0FK%22%2C%22pubcommon%22%3A%22e370000a-1856-4838-adbf-a65463269849%22%2C%22lotame%22%3A%22428ccc7f004d70508aac3651c28716d53938b6d6f6c2aa6a116d595ce3a1669d%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.52.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-52-59.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
0367b6acda45e666ec3b96c344b11dbf82e606f4b964f142e851b49d879e3745

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:29 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
NRT57-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
165
via
1.1 85b47597e85277e1280d0655bac190c2.cloudfront.net (CloudFront)
x-amz-cf-id
dD2Gbp3ZWH7j8YHL-c_s9owz9WB3ZMtt2dVvuZ5HvBkt68-YG9m50Q==
bid
c.amazon-adsystem.com/e/dtb/
177 B
541 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.onmsft.com%2F&pid=BPZPVF0gL418r&cb=2&ws=1600x1200&v=22.8.42053&t=1400&slots=%5B%7B%22sd%22%3A%22med_rect_btf%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F154013155%2C22522311865%2F1023788%2F71908%2F1023788-71908-medium_rectangle%22%7D%5D&schain=1.0%2C1!playwire.com%2C1023788%2C1%2Cbb34c2f4-e988-4ee4-adb1-346707974ba3%2C%2C&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*-raV6h5T-p7PrFEw2K6cDNlcLbtFxiZ-f1VLvaqdZeUem65YsBcZLk5YHPv1T0FK%22%2C%22pubcommon%22%3A%22e370000a-1856-4838-adbf-a65463269849%22%2C%22lotame%22%3A%22428ccc7f004d70508aac3651c28716d53938b6d6f6c2aa6a116d595ce3a1669d%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.52.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-52-59.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
27992c5308ed86b899d1c53ce762b7cd461c612e409bc2b691c7ea016622587e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:30 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
NRT57-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
165
via
1.1 85b47597e85277e1280d0655bac190c2.cloudfront.net (CloudFront)
x-amz-cf-id
HOetHRT3BKqVltkrXzLl6NcOal0tzxMNMFb0_EJx7kU5d3jCAQ7npA==
bid
c.amazon-adsystem.com/e/dtb/
177 B
540 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.onmsft.com%2F&pid=BPZPVF0gL418r&cb=3&ws=1600x1200&v=22.8.42053&t=1400&slots=%5B%7B%22sd%22%3A%22med_rect_atf%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F154013155%2C22522311865%2F1023788%2F71908%2F1023788-71908-medium_rectangle%22%7D%5D&schain=1.0%2C1!playwire.com%2C1023788%2C1%2Cbb34c2f4-e988-4ee4-adb1-346707974ba3%2C%2C&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*-raV6h5T-p7PrFEw2K6cDNlcLbtFxiZ-f1VLvaqdZeUem65YsBcZLk5YHPv1T0FK%22%2C%22pubcommon%22%3A%22e370000a-1856-4838-adbf-a65463269849%22%2C%22lotame%22%3A%22428ccc7f004d70508aac3651c28716d53938b6d6f6c2aa6a116d595ce3a1669d%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.52.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-52-59.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
cfa812c9ecbe4a3fb5fcf87c641a5acecec7b15fd9e6b577561170df7ebdc964

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:29 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
NRT57-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
164
via
1.1 85b47597e85277e1280d0655bac190c2.cloudfront.net (CloudFront)
x-amz-cf-id
0Y4A-w77CJDX_NBmp93aiXft0luH0Q41WqZpoAV9lSt_GxZX9X90lQ==
bid
c.amazon-adsystem.com/e/dtb/
118 B
505 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.onmsft.com%2F&pid=BPZPVF0gL418r&cb=4&ws=1600x1200&v=22.8.42053&t=1400&slots=%5B%7B%22sd%22%3A%22pw-oop-bottom_rail%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F154013155%2C22522311865%2F1023788%2F71908%2F1023788-71908-bottom_rail%22%7D%5D&schain=1.0%2C1!playwire.com%2C1023788%2C1%2Cbb34c2f4-e988-4ee4-adb1-346707974ba3%2C%2C&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*-raV6h5T-p7PrFEw2K6cDNlcLbtFxiZ-f1VLvaqdZeUem65YsBcZLk5YHPv1T0FK%22%2C%22pubcommon%22%3A%22e370000a-1856-4838-adbf-a65463269849%22%2C%22lotame%22%3A%22428ccc7f004d70508aac3651c28716d53938b6d6f6c2aa6a116d595ce3a1669d%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.52.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-52-59.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
522bd52baba6738b1cd2abd217ba43fd07fc0049bd305595104514de092c25af

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.onmsft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:30 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
NRT57-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.onmsft.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
129
via
1.1 85b47597e85277e1280d0655bac190c2.cloudfront.net (CloudFront)
x-amz-cf-id
n6yCSZ1UAsURfM3lnH9jzRDht2BIJ0IHcLvggKH0fATXmvVuDt9JmQ==
sync
gum.criteo.com/ Frame 9D07
88 B
415 B
Script
General
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
e4da463b41c76c05e768a3787071016d1ec36f605c641de159c2f2be3064f39e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:30 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
4038
strict-transport-security
max-age=31536000; preload;
content-length
207
expires
60
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F02A
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dpba%26refUrl%3D%26vid%3D03609205623033625206452273000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-52-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=29215
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 13 Aug 2022 03:22:30 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 13 Aug 2022 11:29:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 9D07
Redirect Chain
  • https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Damb%26refUrl%3D%26vid%3D03609205623033625206452273000V10%26ov...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=amb&refUrl=&vid=03609205623033625206452273000V10&ovsid=3189454452451635575
0
0

PugMaster
image6.pubmatic.com/AdServer/ Frame F02A
0
39 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1337764&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dpba%26refUrl%3D%26vid%3D03609205623033625206452273000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 03:22:30 GMT
content-length
0
log
c21lg-d.media.net/ Frame 9D07
35 B
329 B
Image
General
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=dMuqEdHwk72PH4usaoMnUmM4XBHV8d-M&cs=15&vsid=3033625206452273000V10
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.56.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-26.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Aug 2022 03:22:30 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sat, 13 Aug 2022 03:22:30 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1052
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Dpba%26refUrl%3D%26vid%3D03609205913033625206452273000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIBM874&prvid=2034%2C2033%2C2030%2C233%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C59%2C2045%2C3012%2C2043%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C339%2C77%2C38%2C2022%2C141%2C262%2C186%2C222%2C226%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-52-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=29215
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 13 Aug 2022 03:22:30 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 13 Aug 2022 11:29:25 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 895F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3033625206452273000V10%26type%3Damb%26refUrl%3D%26vid%3D03609205913033625206452273000V10%26ov...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=amb&refUrl=&vid=03609205913033625206452273000V10&ovsid=3189454452451635575
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=cFWj9u3sOr6ioVaKkGJozW
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=cFWj9u3sOr6ioVaKkGJozW
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=cFWj9u3sOr6ioVaKkGJozW
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=cFWj9u3sOr6ioVaKkGJozW
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=cFWj9u3sOr6ioVaKkGJozW
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=cFWj9u3sOr6ioVaKkGJozW
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=cFWj9u3sOr6ioVaKkGJozW
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=cFWj9u3sOr6ioVaKkGJozW
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=cFWj9u3sOr6ioVaKkGJozW
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=cFWj9u3sOr6ioVaKkGJozW
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=cFWj9u3sOr6ioVaKkGJozW
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=a1EFaoFemr64oLaKlKyvbs
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=a1EFaoFemr64oLaKlKyvbs
Domain
temp.com
URL
http://temp.com/
Domain
cs.nex8.net
URL
https://cs.nex8.net/cs/openx
Domain
trk.vidible.tv
URL
https://trk.vidible.tv/trk/ad-engine-flow.gif?bcid=56bcd17ce4b018167fea5539&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.82&r=https%3A%2F%2Fwww.onmsft.com&s=true&sid=0536cf9d-89ad-4794-805c-b78387c7a119&vvuid=d6d6736e-3c91-4630-938e-ee87fa56677d&at=preroll&adIdx=1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=452&crt=VPAID%20application%2Fjavascript&stg=finished&aid=533015161&al=6&ap=true&cpm=0&fo=0&h=254&m=true&p.vw.active=1&p.vw.sound=0&vwa=100&vwm=100&cb=0.3373615971833541
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~l6rc0v09&c=1625187436481&slotId=812593718240.5&fb=ima_html5-lima&sdkv=h.3.524.0%2Fvpaid_adapter&mrd=4&aab=1&itv=1&gpm_i=12&gpm_c=12&gpm_a=11&smb=1000&br=983&mt=video%2Fmp4&vs=640x360&uet=2&rec=show_ad-1%7CloadedMetadata-1%7CadCanPlay-1%7Cloaded-1%7Cimpression-1%7CcreativeView-1%7Cmeasurable_impression-1%7Cstart-1%7Cmute-1%7CfirstQuartile-1%7Cviewable_impression-1%7Cmidpoint-1%7CthirdQuartile-1%7Ccomplete-1
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l6rc0u89&c=1625187436481&slotId=812593718240.5&uet=2&met.4=hvd_lc.l6rc0u89~hvd_src.l6rc0u89
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l6rc0sqj&c=1625187436481&slotId=812593718240.5&qqid=CP6ipbbuwvkCFUfIFgUdTmcPhg&gqid=1xj3Ytf3CeyH29gP1oSTgAQ&fb=ima_html5-lima&sdkv=h.3.524.0&mrd=12&aab=1&itv=1&uet=2&rec=loaded-1%7Cshow_ad-1%7CcreativeView-1%7Cimpression-1%7Cmeasurable_impression-1%7Cstart-1%7CfirstQuartile-1%7Cviewable_impression-1%7Cmidpoint-1%7CthirdQuartile-1%7Cstop-1
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=amb&refUrl=&vid=03609205623033625206452273000V10&ovsid=3189454452451635575
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=8&vsid=3033625206452273000V10&type=amb&refUrl=&vid=03609205913033625206452273000V10&ovsid=3189454452451635575

Verdicts & Comments Add Verdict or Comment

307 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| ramp string| gtm4wp_datalayer_name object| dataLayer object| pageos object| _pwTycheAB object| pwKinesisCreds number| cmpVersion boolean| tycheSampling number| tycheSamplingRate string| tychePath boolean| rampSampling number| rampSamplingRate string| rampPath number| _pageViewSR boolean| _pageViewSampling object| _pwLogger boolean| excludeMoat string| _pwKassandraVer boolean| _pwUserInCA number| _pwFpSampling string| _pwUserCC string| _pwUserContentEncoding object| pwEdgeFlags object| webpackChunkpageos object| __core-js_shared__ object| core object| PageOS object| tyche object| lotame_sync_16180 object| dataLayer_content boolean| ewww_webp_supported object| __cfQR object| __cfBeacon object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked function| lotameIsCompatible function| sync16180_c function| sync16180_d undefined| sync16180_e undefined| sync16180_f undefined| sync16180_g function| sync16180_h object| sync16180_j function| sync16180_k function| sync16180_l object| sync16180_ object| sync16180_la function| sync16180_a function| sync16180_b function| sync16180_i function| sync16180_m function| sync16180_n function| sync16180_o function| sync16180_p function| sync16180_aa function| sync16180_q function| sync16180_r function| sync16180_s function| sync16180_t function| sync16180_u function| sync16180_ba function| sync16180_ca function| sync16180_v function| sync16180_da function| sync16180_w function| sync16180_x function| sync16180_y function| sync16180_ea function| sync16180_z function| sync16180_A function| sync16180_B function| sync16180_C function| sync16180_D function| sync16180_E function| sync16180_F function| sync16180_G function| sync16180_H function| sync16180_I function| sync16180_fa function| sync16180_J function| sync16180_K function| sync16180_ga function| sync16180_ha function| sync16180_L function| sync16180_M function| sync16180_ia function| sync16180_ja function| sync16180_ka function| sync16180_N function| sync16180_O function| sync16180_P function| sync16180_Q function| sync16180_R function| sync16180_S function| sync16180_T function| sync16180_U function| sync16180_V function| sync16180_W function| sync16180_X function| sync16180_Z function| sync16180_Y function| sync16180__ function| sync16180_0 function| sync16180_1 function| sync16180_2 function| sync16180_4 function| sync16180_5 function| sync16180_ma function| sync16180_3 function| sync16180_7 function| sync16180_6 function| sync16180_na function| sync16180_8 function| sync16180_oa function| sync16180_9 function| sync16180_pa function| sync16180_$ function| sync16180_qa undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| googletag object| MoatNadoAllJsonpRequest_1998277 object| Moat#PML#26#1.2 boolean| Moat#EVA object| moatPrebidApi object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| _xamzrequire object| AWS object| gaplugins object| gaGlobal object| gaData object| webpackChunkTyche object| Tyche object| consoleHandler object| kinesis object| _pwBoltAB boolean| boltSampling number| boltSamplingRate boolean| __pwSpotxServerSampleRate string| BoltBaseURL string| __pwPageOSVersion string| __spotxVastVersion number| _pwBoltAdTimeout object| webpackJsonpBolt4 boolean| BoltDebugMode object| pageOSScript object| pageOSLoaded object| Bolt4 object| BoltAdBlockDetector boolean| BoltGlobalIsLoading object| ZeusGA object| Bolt object| Zeus object| __pwpbjs__ object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| ADAGIO object| pbjs object| __pwhbjs object| apstag boolean| apstagLOADED object| ggeac object| google_js_reporting_queue object| PublisherCommonId object| sas object| apntag object| _ADAGIO boolean| google_measure_js_timing function| clarity object| offSide object| eio_lazy_vars object| countVars object| embedVars object| dclCustomVars object| smooth function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| generatepressMenu object| generatepressNavSearch object| _stq object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe boolean| __cfRLUnblockHandlers object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| LazyLoad undefined| $ function| jQuery object| wpp_params object| WordPressPopularPosts object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| generateOffside object| closeElements object| slideoutLinks function| closeOffsideOnAction function| offside function| shouldAutoScale function| constrainSrc object| lazySizesConfig object| lazySizes object| gpscroll function| SmoothScroll function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| st_go function| linktracker_init object| wpcom object| __twttrll object| twttr object| __twttr object| GoogleGcLKhOms function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| ONFOCUS object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

196 Cookies

Domain/Path Name / Value
map.go.affec.tv/map/ttd Name: oo
Value: 1
map.go.affec.tv/map/an Name: oo
Value: 1
www.onmsft.com/ Name: usprivacy
Value: 1---
www.onmsft.com/ Name: ad_clicker
Value: false
www.onmsft.com/ Name: _pw_fingerprint
Value: %22a6200afec51638ce65f45d6d4df30d02%22
.onmsft.com/ Name: _ga
Value: GA1.2.1533648303.1660360917
.onmsft.com/ Name: _gid
Value: GA1.2.1852828179.1660360917
.onmsft.com/ Name: _gat_UA-71939551-1
Value: 1
www.onmsft.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.onmsft.com/ Name: _sharedid
Value: 4d32b779-8c4b-4970-b127-677768b23296
www.onmsft.com/ Name: playwirePageViews
Value: 1
www.onmsft.com/ Name: pwUID
Value: 651640560394898
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: t3jwFmAqVocP4ECUJzymXulAob8hnWbTA4_9C2TMTnHy7UcoJCCaqhRk_pxRIjEEdTfj3_8QOWBxqWRYGrLoTC26zLy8UkkaKPsuZMax7nY
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 90fe29725f0323a018bebb99487941bc
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQsDRISzWyNDcyTTMwNjJONDC0SEpNSrK0NLEwtzQxTEpmAIKk7xJXQTQUAABNUwrP"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI%2Bi5xFUhBAQAcQAJH"
.onmsft.com/ Name: panoramaId_expiry
Value: 1660965717010
.onmsft.com/ Name: _cc_id
Value: 90fe29725f0323a018bebb99487941bc
.onmsft.com/ Name: panoramaId
Value: 428ccc7f004d70508aac3651c28716d53938b6d6f6c2aa6a116d595ce3a1669d
.gumgum.com/ Name: vst
Value: a_de3429c8-f31c-48ab-bba4-33bfe83a056e
pbjs.e-planning.net/ Name: CT
Value: 1
.openx.net/ Name: i
Value: e370000a-1856-4838-adbf-a65463269849|1660360917
.agkn.com/ Name: ab
Value: 0001%3AD7VIc758nGAUA6B4qgz3sbncGk2fXQ%2FF
.e-planning.net/ Name: E
Value: AEp93l-jEUp6fLvx
.sharethrough.com/ Name: stx_user_id
Value: 1b05fc73-f7eb-43b3-b201-34dc890c1fbc
.go.sonobi.com/ Name: __uis
Value: 9f2dede7-e0a8-416c-bb59-baffdef61b9f
.go.sonobi.com/ Name: _usd_onmsft.com
Value: df45705a-6057-415c-aa27-0a777bda7356
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: __uir_mm
Value: 1
.go.sonobi.com/ Name: __uir_td
Value: 1
.go.sonobi.com/ Name: __uir_zt
Value: 1
.go.sonobi.com/ Name: __uir_pp
Value: 1
.go.sonobi.com/ Name: __uir_eb
Value: 1
.go.sonobi.com/ Name: __uir_an
Value: 1
.id5-sync.com/ Name: id5
Value: 794a45c7-6ca4-41c7-a6b6-3cb780d697dc#1660360917445#1
.adnxs.com/ Name: icu
Value: ChgIrvFlEAoYASABKAEw1bHclwY4AUABSAEQ1bHclwYYAA..
.rubiconproject.com/ Name: khaos
Value: L6RC0R9W-4-M8UN
.yahoo.com/ Name: A3
Value: d=AQABBNUY92ICEIda-08cExcp_fYdtML7468FEgEBAQFq-GIAYwAAAAAA_eMAAA&S=AQAAAkpIZZE7E8B6UmMDXB1bEpI
.tremorhub.com/ Name: tvid
Value: f4daf23229ab4696a6991787a2fadc12
.adnxs.com/ Name: uuid2
Value: 4764734661110149725
.tremorhub.com/ Name: tvrg_60830
Value: 1,1660360917
.smartadserver.com/ Name: pid
Value: 4960241744634227040
.bidr.io/ Name: bito
Value: AABh407F7jIAAA90E3B3Kg
.bidr.io/ Name: bitoIsSecure
Value: ok
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.dyntrk.com/ Name: dyn_u
Value: 07030001_62f718d697abf
.rlcdn.com/ Name: pxrc
Value: CNax3JcGEgUI6AcQAA==
.adotmob.com/ Name: uid
Value: 0802220402677156ae909095
.adotmob.com/ Name: uuid
Value: 0802220402677156ae909095
.adotmob.com/ Name: partners
Value: SMA%3A1660360918942
.doubleclick.net/ Name: IDE
Value: AHWqTUni0jyqENwSy6r0njXEMhGqpsvmRBeMBqkEctxTxvZw2fBKRJOJx4H0sQ9xTCk
www.clarity.ms/ Name: CLID
Value: b1bf63f1f5694e53bcdbe837e842e7ea.20220813.20230813
.onmsft.com/ Name: __gads
Value: ID=0e92d614cd1d19f3:T=1660360919:S=ALNI_MYlFFmd48RTaMzLzMASOM0BH4JIRg
.onmsft.com/ Name: __gpi
Value: UID=0000088d7fe9374c:T=1660360919:RT=1660360919:S=ALNI_MalCWB3EhQMPr8CYEgfAE5aHcSv2g
.bing.com/ Name: MUID
Value: 195BE5D44B0764A6224EF42B4A5A65EE
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 195BE5D44B0764A6224EF42B4A5A65EE
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 195BE5D44B0764A6224EF42B4A5A65EE
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.send.microad.jp/ Name: TR
Value: 012157d66b75a7f259984aef71b6bc46
.casalemedia.com/ Name: CMPS
Value: 5500
.casalemedia.com/ Name: CMID
Value: YvcY17Cq6TOXz9UsYoHfIwAA
.casalemedia.com/ Name: CMRUM3
Value: 2d62f718d82760CAESEHh_iZ8_yA_tqFd5mWZ6tFk
.amazon-adsystem.com/ Name: ad-id
Value: A8Oz-dBhzUgvqsqpvncvFcI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.onmsft.com/ Name: _clck
Value: 1y5l59l|1|f3z|0
.adsrvr.org/ Name: TDID
Value: 1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjYwMzYwOTIwfQ
.media.net/ Name: visitor-id
Value: 3033625206452273000V10
.turn.com/ Name: uid
Value: 3189454452451635575
.openx.net/ Name: univ_id
Value: 537072971|1d21bf0c-4a0d-434d-a5b7-0628b31a7df1|1660360920530317
.smaato.net/ Name: SCM
Value: 01af0a18
.smaato.net/ Name: SCMaps
Value: 01af0a18
.ladsp.com/ Name: cr
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.criteo.com/ Name: uid
Value: 9ce59d25-03af-4690-aa01-c0718bcf5d89
.ladsp.com/ Name: smn_uid
Value: EqPVBrmIqHnPx3ZqydzOcg7FrgL_clo
.ladsp.com/ Name: lum
Value: COqc5KmpMBIFCAMQ0AU
.bidswitch.net/ Name: c
Value: 1660360920
.bidswitch.net/ Name: tuuid_lu
Value: 1660360920
.media.net/ Name: data-c-ts
Value: 1660360920
.media.net/ Name: data-c
Value: f21274b8-f3ee-4fcd-9466-86de44913df2~~1
.media.net/ Name: data-o
Value: f8f056cc-1ad1-4d2f-9426-10d2b5ee3968~~8
.bidswitch.net/ Name: tuuid
Value: f5902f6c-8f9b-44bb-af11-1df39412e0e6
.rlcdn.com/ Name: rlas3
Value: NwRBS1ppkgPRt/z1sHJyzRYxqVUN08nOIFI228qu/YI=
.socdm.com/ Name: SOC
Value: YvcY2MCo8X4AAMgoXUsAAAAA
.yieldmo.com/ Name: yieldmo_id
Value: gbd9b0034da2271aad90%7C1660360920770%7C0%7C
.3lift.com/ Name: tluid
Value: 585789278119328662530
.ad-m.asia/ Name: uid
Value: Bm3FpWaWqM
.w55c.net/ Name: wfivefivec
Value: 46mtB6UV1OmHIQ5
.servenobid.com/ Name: pid_337
Value: y-bPMF8CRE2uF2THiIJjih4uwZaFWjJTDSw57LycI-~A
.mathtag.com/ Name: uuid
Value: c02b62f7-18d8-4b00-b88a-52a4b056996c
.media.net/ Name: data-bs
Value: f5902f6c-8f9b-44bb-af11-1df39412e0e6~~1
.360yield.com/ Name: tuuid_lu
Value: 1660360920
.360yield.com/ Name: tuuid
Value: c8461c9a-9d8c-4442-b5f7-9da8e522489f
.servenobid.com/ Name: pid_309
Value: a_de3429c8-f31c-48ab-bba4-33bfe83a056e
.onmsft.com/ Name: _clsk
Value: 1a9p1wo|1660360920946|1|1|e.clarity.ms/collect
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: matchmedianet
Value: 5
.servenobid.com/ Name: pid_312
Value: 4764734661110149725
.admatrix.jp/ Name: uid
Value: e9396891-64a8-44bc-bba9-98c1827fb078
.servenobid.com/ Name: pid_317
Value: 4960241744634227040
.media.net/ Name: data-xu
Value: 46mtB6UV1OmHIQ5~~8
.mookie1.com/ Name: id
Value: 10526460443235179277
.mookie1.com/ Name: mdata
Value: 1|10526460443235179277|1660360921014
.mookie1.com/ Name: ov
Value: 14bcf1e896a2caf6bcbafd3aade0ffb1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004%22%7D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YvcY2AAGB6JGTAAK
.adform.net/ Name: uid
Value: 685831974341956506
.ads.yieldmo.com/ Name: ptrt
Value: 1d21bf0c-4a0d-434d-a5b7-0628b31a7df1
.lijit.com/ Name: ljt_reader
Value: FIwqCRZHvmIO3p7xTrCEtb3T
.media.net/ Name: data-so
Value: 9f2dede7-e0a8-416c-bb59-baffdef61b9f~~8
.servenobid.com/ Name: pid_339
Value: y-bPMF8CRE2uF2THiIJjih4uwZaFWjJTDSw57LycI-~A
.tidaltv.com/ Name: tidal_ttid
Value: 5e1b9faa-bfbb-4cf0-9fd1-403fe2974a7d
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzM2MDO0sDSyMDUxtjQwNxTiM9RNDAv2yS4Oy_dKMUkBAKhupM0lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZmZgbGZgaWRoaGACAEnC4BwQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzM2MDO0sDSyMDUxtjQwNxTiM9RNDAv2yS4Oy_dKMUkBAKhupM0lAAAA
.media.net/ Name: data-g
Value: CAESEEkU0tDb_iohjUTxiddEYm4~~8
.media.net/ Name: data-tam
Value: setstatuscode~~35
.media.net/ Name: data-ttd
Value: 1d21bf0c-4a0d-434d-a5b7-0628b31a7df1~~1
.quantserve.com/ Name: d
Value: ECUBDQHsJoir0QA
.quantserve.com/ Name: mc
Value: 62f718d9-228ca-025c0-e94f6
.media.net/ Name: data-co
Value: AAAGpnvoVmoy_wNTbbhpAAAAAAA~~8
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.media.net/ Name: data-rk
Value: 1917759393911754062~~8
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjKwsDI0NgMA+7M4/wkAAAA="
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1fhy|7bq.0.1
.servenobid.com/ Name: pid_332
Value: 9f2dede7-e0a8-416c-bb59-baffdef61b9f
.ads.yieldmo.com/ Name: ptreps
Value: AAAGpzHOd238hgNA-yQ9AAAAAAA
.outbrain.com/ Name: obuid
Value: 4d30d135-fd96-4d0f-827e-193cc5428d75
.media.net/ Name: data-r
Value: L6RC0R9W-4-M8UN~~1
.contextweb.com/ Name: V
Value: mIq75Rb5fCOf
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 80e48c3296b85e3d
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&b3ac4874-d608-4e2f-8fa5-6c4bca0f76d9"
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2408:u=1:x=1:i=1660360921:t=1660447321:v=2:sig=AQFrveQCDIEqVBRZvzdFC8mNm2k8rxX-"
.servenobid.com/ Name: pid_324
Value: 1976306189285439071
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004%22%7D
.smartadserver.com/ Name: csync
Value: 66:0802220402677156ae909095|69:07030001_62f718d697abf|96:5e1b9faa-bfbb-4cf0-9fd1-403fe2974a7d|127:AABh407F7jIAAA90E3B3Kg|134:OB_OK
.servenobid.com/ Name: pid_310
Value: FIwqCRZHvmIO3p7xTrCEtb3T
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.a-mo.net/ Name: amuid2
Value: a4e7651c-637e-4eb8-b59d-30a648ca1c4b
.prebid.a-mo.net/ Name: sd_amuid2
Value: a4e7651c-637e-4eb8-b59d-30a648ca1c4b
.creativecdn.com/ Name: ts
Value: 1660360921
.creativecdn.com/ Name: u
Value: UOmxQYPAALeX7gjU01xi
.media.net/ Name: data-r1
Value: RX-9514fee7-cf21-4d05-8d96-b1a5f70007c4-004~~8
.casalemedia.com/ Name: CMTS
Value: 5521
.casalemedia.com/ Name: CMST
Value: YvcY2GL3GNkA
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f31f7f4c-6281-4bf8-4cc4-6126294317d2.FfXc5T8v0exJ29kKxEz6WZTn1m%2BcrNbQXjiaXAuibPM
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A8x9_TGKBS_hMxGEmKUMX0tmK_Ko.tnCWyl8D21JGXgEgyAgLp0WLGELOsciK6wD2stKHD5k
.ipredictive.com/ Name: cu
Value: 12555789-e34f-4b1b-9d3d-a08d66fcdb47|1660360921457
.zemanta.com/ Name: zuid
Value: NTOCbqJvHHvAq2ZpOhUX
.servenobid.com/ Name: pid_314
Value: eyJ4dWlkIjoiMzBlMDNjMjctNjNkMi00NGI5LTk2MDQtOGM5NTI0Y2VlMDM4IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0xM1QwMzoyMjowMS4zODMyOTdaIn0=
.media.net/ Name: data-ze
Value: GvScvJFUp3o-eUPmKTpQ~~8
.yieldlift.com/ Name: xuids
Value: eyJ4dWlkIjoiYjY2NDUyYWEtZTY3MS00NzZjLWExZDItZWU5Y2U3YmI5ZjNmIiwiZHAiOnsicnViaWNvbiI6eyJ1aWQiOiJMNlJDMFI5Vy00LU04VU4iLCJleHBpcmVzIjoiMjAyMi0wOC0yN1QwMzoyMjowMS41NjM0NDVaIn19LCJiZGF5IjoiMjAyMi0wOC0xM1QwMzoyMjowMS41NjM0NDJaIn0=
.adingo.jp/ Name: dbm
Value: CAESEJGYIzf0rcmxcS-R4-pI9zA
.mfadsrvr.com/ Name: c
Value: 1660360922
.mfadsrvr.com/ Name: tuuid_lu
Value: 1660360922
.33across.com/ Name: 33x_ps
Value: u%3D117870380020475%3As1%3D1660360922405%3Ats%3D1660360922405
.mfadsrvr.com/ Name: tuuid
Value: 1cc0970c-2451-456c-8b60-71b9d375677d
.mfadsrvr.com/ Name: ssh
Value: !yieldmo,1660360922
.media.net/ Name: data-mf
Value: 3e219616-e458-474a-9431-4c8145dabbc3~~1
.ads.yieldmo.com/ Name: ptrmf
Value: 1cc0970c-2451-456c-8b60-71b9d375677d
.tynt.com/ Name: uid
Value: O6sNR2L3GNo+sn6KPu/7fA==
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1660360922993%7D%2C%7B%22p%22%3A%22607295b4a4%22%2C%22f%22%3A1%2C%22ts%22%3A1660360922993%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1660360922993%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1660360922993%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1660360922993%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1660360922993%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1660360922993%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1660360922993%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1660360922993%7D%5D
.tapad.com/ Name: TapAd_TS
Value: 1660360923144
.tapad.com/ Name: TapAd_DID
Value: b6666516-47ac-4666-a42b-44896fe45ab8
.linkedin.com/ Name: li_sugr
Value: fff18102-49ff-426c-a1be-5a935e7afb10
.demdex.net/ Name: demdex
Value: 18364271378211970333985419335626303420
.openx.net/ Name: pd
Value: v2|1660360920.3|lYvOiajEuIiujIlQkalUhI.vysnkSrApMvGvAkqvHsP
.dpm.demdex.net/ Name: dpm
Value: 18364271378211970333985419335626303420
.analytics.yahoo.com/ Name: IDSYNC
Value: "196n~26k3:198o~26k3:18za~26k3"
.go.affec.tv/ Name: ck
Value: 62f718db0cba3f000143c8ff
.go.affec.tv/ Name: oo
Value: 1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 3!5403
.adsymptotic.com/ Name: U
Value: 01e45ee99c42686f2e2ee8258675d878
.r-ad.ne.jp/ Name: r_ad_token
Value: 4zx3M300YBDGa007uoNM
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2GVTs[-=+!]tbP6j2F-XstGt!@DaE$kqzK
.admixer.net/ Name: am-uid
Value: 6d5b18776b554e40a505a57c32996d0c
.dotomi.com/ Name: DotomiTest
Value: 6e3bedabba1a20b7
.blismedia.com/ Name: b
Value: 62F718DBC0EEBC52963B10E9BLIS
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCOC_4Muguf46EAUSGwoMc2hhcmV0aHJvdWdoEgsIpPGez6C5_joQBRgBIAEoAjILCJqSu5S3uf46EAU4AVoHbXNzbTExNWAC
.simpli.fi/ Name: suid
Value: 5B4E008793F54505B5A6F2E58C09A7F8
.w55c.net/ Name: matchopenx
Value: 5
.go.affec.tv/ Name: pt
Value: eyJhbiI6eyJkdCI6MTY2MDM2MDkyMywiaWQiOiI0NzY0NzM0NjYxMTEwMTQ5NzI1IiwibHMiOjE2NjAzNjA5MjN9LCJ0dCI6eyJkdCI6MTY2MDM2MDkyMywiaWQiOiJPNnNOUjJMM0dObytzbjZLUHUvN2ZBPT0iLCJscyI6MTY2MDM2MDkyM30sInRkIjp7ImR0IjoxNjYwMzYwOTIzLCJpZCI6IjFkMjFiZjBjLTRhMGQtNDM0ZC1hNWI3LTA2MjhiMzFhN2RmMSIsImxzIjoxNjYwMzYwOTIzfSwidiI6MH0=|1660360923|1b57d0bc666b2b843fcc55da15fae549de71deee
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMKRl83WAZtTRlqbBgMWySGKid6DeFnocd9Yh2iIUt3vT7p5oqmdgIGhZv7yvBKIRGQMO+yFYACXjOBxGCOXoSK1hY3/kJOG/1Xc6UO785F0Pw==
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyIzM2Fjcm9zcyI6IjIwMjItMDgtMTNUMDM6MjE6NTcuMDI2MjM2MjY5WiIsImFwcG5leHVzIjoiMjAyMi0wOC0xM1QwMzoyMTo1Ny4wMjU5MTA1NzFaIiwiaW1wcm92ZWRpZ2l0YWwiOiIyMDIyLTA4LTEzVDAzOjIxOjU3LjAyNjI0NDY4WiIsImluZGV4ZXhjaGFuZ2UiOiIyMDIyLTA4LTEzVDAzOjIxOjU3LjAyNjAxNDA3NloiLCJvbmV0YWciOiIyMDIyLTA4LTEzVDAzOjIxOjU3LjAyNjI0OTExOVoiLCJwdWJtYXRpYyI6IjIwMjItMDgtMTNUMDM6MjE6NTcuMDI1OTIxMzc1WiIsInJpY2hhdWRpZW5jZSI6IjIwMjItMDgtMTNUMDM6MjE6NTcuMDI2MDk2NTk2WiIsInJ1Ymljb24iOiIyMDIyLTA4LTEzVDAzOjIxOjU3LjAyNjI0MDU4WiIsInNtYXJ0IjoiMjAyMi0wOC0xM1QwMzoyMTo1Ny4wMjU5MTg4ODVaIn0sInVpZHMiOnsiMzNhY3Jvc3MiOnsidWlkIjoiMTE3ODcwMzgwMDIwNDc1IiwiZXhwaXJlcyI6IjIwMjItMTAtMTJUMDM6MjI6MDMuMjY0NjgyMjY4WiJ9LCJhZGFnaW8iOnsidWlkIjoiMGMyYTAxMjYtN2Q2Mi00ZmMwLTk3OGUtNGVhNmQxZGU5N2Q4IiwiZXhwaXJlcyI6IjIwMjItMTAtMTJUMDM6MjE6NTcuMDEyMzAyNDQ3WiJ9LCJhcHBuZXh1cyI6eyJ1aWQiOiI0NzY0NzM0NjYxMTEwMTQ5NzI1IiwiZXhwaXJlcyI6IjIwMjItMTAtMTJUMDM6MjE6NTguMDc1NjMyMjY2WiJ9LCJpbXByb3ZlZGlnaXRhbCI6eyJ1aWQiOiJjODQ2MWM5YS05ZDhjLTQ0NDItYjVmNy05ZGE4ZTUyMjQ4OWYiLCJleHBpcmVzIjoiMjAyMi0xMC0xMlQwMzoyMjowNC4xMjg1MTQ0OTVaIn0sInJ1Ymljb24iOnsidWlkIjoiTDZSQzBSOVctNC1NOFVOIiwiZXhwaXJlcyI6IjIwMjItMTAtMTJUMDM6MjI6MDMuNDk5MTU3NTQ1WiJ9LCJzbWFydCI6eyJ1aWQiOiI0OTYwMjQxNzQ0NjM0MjI3MDQwIiwiZXhwaXJlcyI6IjIwMjItMTAtMTJUMDM6MjE6NTguNDA5ODIxMjZaIn19LCJiZGF5IjoiMjAyMi0wOC0xM1QwMzoyMTo1Ny4wMTIxMDE2MjFaIn0=
.disqus.com/ Name: zeta-ssp-user-id
Value: 1e92927f-84d0-dd39-ffb6-b48aee34b56b
.servenobid.com/ Name: pid_346
Value: 1e92927f-84d0-dd39-ffb6-b48aee34b56b
.tremorhub.com/ Name: tvv
Value: 2
.go.sonobi.com/ Name: HAPLB3A
Value: s3550|YvcY3

14 Console Messages

Source Level URL
Text
other warning URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.5.14/7.js
Message:
Allow attribute will take precedence over 'allowfullscreen'.
other warning URL: https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 100)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other warning URL: https://cdn.ampproject.org/rtv/032208081650000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://cs.nex8.net/cs/openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript warning URL: https://z.moatads.com/aolvidibleapi29384728347/moatapi.js(Line 76)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=4764734661110149725&pn_id=an
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Message:
Mixed Content: The page at 'https://www.onmsft.com/' was loaded over HTTPS, but requested an insecure image 'http://temp.com/'. This content should also be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

08b3348d93b204860f6aa05c53ec5b86.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acds.prod.vidible.tv
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.pubmatic.com
ads.servenobid.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.co.jp
adservice.google.com
ap.lijit.com
apex.go.sonobi.com
api.btloader.com
atm.im-apps.net
b1sync.zemanta.com
bh.contextweb.com
bid.g.doubleclick.net
bk.r-ad.ne.jp
bktr2-06hdl.ads.tremorhub.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c1.adform.net
c21lg-d.media.net
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
cdn-ssl.vidible.tv
cdn.ampproject.org
cdn.intergi.com
cdn.intergient.com
cdn.playwire.com
ce.lijit.com
cm.g.doubleclick.net
config.playwire.com
contextual.media.net
cr-p3.ladsp.jp
cr-pall.ladsp.com
creativecdn.com
cs.adingo.jp
cs.emxdgt.com
cs.media.net
cs.nex8.net
csi.gstatic.com
de.tynt.com
dis.criteo.com
dp1.33across.com
dpm.demdex.net
dps.jp.cinarra.com
dsum-sec.casalemedia.com
e.clarity.ms
eb2.3lift.com
ehsw47mb2ee.exactdn.com
eus.rubiconproject.com
events-ssc.33across.com
fastlane.rubiconproject.com
fid.agkn.com
fingerprinter-production.herokuapp.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gcdn.2mdn.net
geo.moatads.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
hbx.media.net
hde.tynt.com
htlb.casalemedia.com
i.w55c.net
ib.adnxs.com
ice.360yield.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
jp-u.openx.net
kinesis.us-east-1.amazonaws.com
map.go.affec.tv
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.rundsp.com
match.sharethrough.com
mb.moatads.com
medianet-match.dotomi.com
mp.4dex.io
odr.mookie1.com
onetag-sys.com
openx2-match.dotomi.com
p.adsymptotic.com
p.rfihub.com
p.skimresources.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbjs.e-planning.net
pixel-apac.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
platform.twitter.com
playwire-d.openx.net
playwire.technoratimedia.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.adnxs.com
prebid.media.net
prod-m-node-2113.ssp.yahoo.com
pubads.g.doubleclick.net
public.servenobid.com
px.ads.linkedin.com
px.moatads.com
r.casalemedia.com
r.skimresources.com
r4---sn-oguesn6d.c.2mdn.net
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
s-cs.send.microad.jp
s.ad.smaato.net
s.amazon-adsystem.com
s.skimresources.com
s.yimg.com
s0.2mdn.net
script.4dex.io
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.cloudflareinsights.com
static2.sharepointonline.com
stats.g.doubleclick.net
stats.wp.com
sync-amz.ads.yieldmo.com
sync-dsp.ad-m.asia
sync-tapi.admatrix.jp
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
syndication.twitter.com
t.skimresources.com
tag.1rx.io
tags.crwdcntrl.net
temp.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trk.vidible.tv
u.4dex.io
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.onmsft.com
x.bidswitch.net
x.yieldlift.com
yieldmo-match.dotomi.com
z.moatads.com
contextual.media.net
cs.nex8.net
csi.gstatic.com
ssc.33across.com
temp.com
trk.vidible.tv
103.229.206.240
103.231.99.243
103.231.99.77
103.71.26.124
104.18.18.126
104.18.19.126
104.18.99.194
104.244.42.8
104.254.148.251
104.254.151.36
107.178.244.193
124.146.215.46
13.112.237.6
13.225.173.36
13.228.150.56
13.228.49.83
13.229.37.224
13.250.192.86
13.251.120.7
13.32.52.59
130.211.23.194
141.95.98.68
142.250.196.130
142.250.207.2
142.251.42.166
145.40.89.200
15.197.193.217
151.101.108.157
151.101.66.49
151.139.128.11
161.202.200.118
162.55.233.28
172.217.175.66
172.67.74.142
18.138.158.87
18.176.162.247
18.176.234.133
18.177.113.58
18.178.22.21
18.182.168.116
18.208.60.216
182.161.74.16
185.183.112.155
185.184.8.90
185.84.60.30
192.0.76.3
193.122.130.38
198.8.71.129
199.187.193.202
20.62.48.180
2001:df2:a300:bbbb::135
202.131.200.82
202.131.200.84
202.233.84.8
209.191.163.208
216.58.220.98
23.10.15.201
23.10.5.240
23.10.7.242
23.106.127.38
23.106.127.39
23.106.69.73
23.108.103.8
23.36.110.226
23.39.13.202
23.44.52.240
23.44.53.234
23.45.56.26
2404:6800:4004:2c::9
2404:6800:4004:808::200a
2404:6800:4004:80a::2002
2404:6800:4004:80a::200a
2404:6800:4004:810::2002
2404:6800:4004:812::2002
2404:6800:4004:812::2008
2404:6800:4004:81f::2001
2404:6800:4004:81f::200e
2404:6800:4004:821::2001
2404:6800:4004:821::2002
2404:6800:4004:822::2006
2404:6800:4004:822::200e
2404:6800:4004:824::2004
2404:6800:4004:825::2001
2404:6800:4004:825::2002
2404:6800:4004:825::2003
2404:6800:4008:c00::9c
2406:2000:9c:800::11
2406:2000:a4:9fe::1
2406:2600:4::b
2406:da18:5ca:7e02:d73:e166:ab83:30b7
2406:da18:929:5a00:db9b:193f:ae4:db25
2406:da18:9ea:6f32:84aa:52f7:20ec:e756
2600:9000:2142:0:12:4abd:d340:93a1
2600:9000:2142:9a00:13:7c50:cec0:93a1
2600:9000:21b7:4400:1b:5138:8a40:93a1
2600:9000:21b7:5400:14:2602:6e80:93a1
2600:9000:21b7:5800:1a:1459:5cc0:93a1
2602:803:c006:158::65
2606:4700:20::681a:346
2606:4700:20::681a:78b
2606:4700:20::681a:8a9
2606:4700:440e::6812:2fe6
2606:4700::6812:372
2607:f8b0:4007:809::2003
2620:116:800e:21:6c50:dbee:bef5:203d
2620:1ec:21::14
2620:1ec:27::cafe:1666
2620:1ec:c11::200
2a02:fa8:c411:12::1050
3.1.1.164
3.126.96.88
3.226.22.208
3.227.250.206
34.107.148.139
34.117.239.71
34.120.216.28
34.149.40.38
34.195.158.163
34.96.105.8
34.98.64.218
35.186.253.211
35.190.59.101
35.190.60.146
35.190.91.160
35.201.67.47
35.213.117.18
35.213.12.39
35.227.202.26
35.71.178.8
38.133.127.31
38.91.45.7
43.250.0.199
44.194.177.91
51.79.234.100
52.198.90.101
52.220.242.234
52.220.69.163
52.231.207.240
52.46.128.147
52.55.123.47
52.74.226.158
52.76.200.167
52.77.136.128
52.94.223.37
54.189.200.142
54.189.212.84
54.196.103.248
54.225.153.167
54.238.120.71
54.251.169.230
54.254.33.203
54.64.4.232
64.120.110.138
64.202.112.31
67.202.105.21
67.202.105.34
69.173.158.64
72.34.250.75
72.34.250.78
74.118.186.42
74.118.186.45
74.125.204.154
74.214.196.131
8.39.36.142
8.43.72.97
89.187.162.249
99.84.133.60
99.84.133.99
99.84.238.168
003d8f11dd32d4a4382088ab6e28722a616f0406c0b34175b7628b40141c7d88
01494dc4d06bd2098f0902a853960fd3aea01b45b9dbb52e2b3663a4780ddf82
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0367b6acda45e666ec3b96c344b11dbf82e606f4b964f142e851b49d879e3745
0492c58920da5279659a2c58bf1b6b68cddf1d78ca4fd87aab42155fb93b7ea3
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05976a74766df4807447cbc06ca9da502ca871bc43b25dda88e447dc90d39533
05df3b5cb8720fe729798b11e4a91b12627f121b516fb692128b8fc5e03b9aa8
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0757f9ceb9f7df4adc4894dbb8bb3cd4c1340d7ce5798c20c6bdfb641ca48c99
07a391e09587513aa78421c34ed482a17a5e003c2132edd96227d53831a131b0
098506900ec1561bdf65c49a0785a91c130616ce2c1cc886fc034a03852b7ea0
09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5
0a58e2165ffda0a508d961dcccf6ccd58fd7aa2149c697003d4e0a5e35e099ef
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cdf88f7fc7bbbe76fce17e1bf322d4d96843c3f772bf8013ae601e154501635
0d1f2fe8af451309da88264f882868c77e06e78b47d07475b57bc6b485329af5
0d4f6e28cf855271fabcd5fccb24e71ef842e3ffa3c33795d9ddd9d3a1e3a46b
0e4c28058a5510a2144053fa72d52cb3107304b669f29ef1d602c136c19fcb02
0fac76018e05fc11d382cb270a754b5219f5ec8fb7c453548839bfd2c825e84f
0fbbb8c9e6bd1f8b3b79fc39813ffb6b5ab0c6fdb096ed3fa0fb0fd4e4db3534
1042d9fcdd8d21693704061b4f88ae135f4c1fbfa56b44b10560d2301f43c2cd
10874bfbd8b6d4a52eadf63e448622161b6d7f174084758557c12cfd22f38d36
10e0a0cbd95b4ea35efc98fbff81df090292953d6da6e3f89c609993a672849c
115ca110b5bd834955c89e252c047c9ea45cab5efe654d6d72308cad6510e869
1213fe81469feb279c1da8753c9c20d28f5554ed2eb57f205cda4b4bf7d02813
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14236752d996478403c4d4f42c2f7fdf0c78a6643f99e0b5c817c068924936fc
14b307ca014eb6ef91b493be723343b71a1b8e876d20522e794cbe74c8f7cd6a
14dd5bdcaf1f7582bf9104f89e77e2b31895bdb8f9dc55d669cc8136715c500f
14ff8eea22eb37314a5f783ccaec4f2a8f4e305a422469db822bc4331ef1b1cb
1515b0fa9ab52a444a0277807554c4826f5319cc75dc70ea8142bcbad6ca1dd4
15db152f386fbb66b5610a32b7b5d8662aeab674ce38a2c446cd73d2a250a92f
16acd59986e2efe7c9b34149898876c0686b508346271954c51b26ab5267efc4
16d0c2376b9d98afab8e6aa286766fa4a3044bc9b0368a0b184460882a5f1b71
18a97a55ed03f23d0ca69393817772d428354596995da060498f744824f7b2be
190d15181a65896f4128f07f66e605219ef2cb37bdff75c66858d09e27ec7c0a
197329b361b83619e0eb18136d507998183d4eabd784373a12f5a2a94e9ba95c
1b5839ccf8b2a8013f74f4010170cef575f7112c19e791f7b71405d90687d065
1b6dfbc0392b3e04e6f10a39a7c097635148b6bc998c13ffbda40d5b3df488c8
1b6e0cc5ce7dad5ae275d7ac33c17034f27f801270805bf8d320bab919045a2c
1b8ea3665c171dfb165266c135c84516e4add691e3ecbf4f03b3272557cb70e2
1c6522a7ff4efc80ee2bc2c65ce8d4018abd2a37594814582d1f366cf9ff834c
1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8
1cc3f945486919b27417f1c27853a2c3dafc33661bd034ba623b2e211e6da62d
1cdc66c0c8cf2444d192f1262bc3b637751cdf454922b954505d986f1fc2d76d
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f4e8e8e9dd642595352e7448a97be35c5ceef7a822d860f4ded81fad1601c25
202ff0ea358064347f54bd2bccc9df16221a72ab6fc97ad88a3919acdf7b170b
20e463a84eba8553c5371120818da764b0766117c6bc4f48d6346ea693dfa7f1
21f688eefb3fb431301ac023cfc4135672206feeaf54b8c2559320d5da2d3242
221702ff06eb7251367cabe5781c553bfc8d74cccbec6f7e0c1da9688b2ee0f9
2293ae3cfba69a26b756fa75acad40468ae1e54ac62a2c7edb7b5e1ee09692cb
22c236724f255f425adad964a7c3df2495e3cc06be2a3a68d040dc2d1f2c569a
23b9cb236050bdd3ee0ca83fd60c9b25eed708678b9f75e7e0fc6a913063cc2d
2694cd2de3efe91fe1085c6ea8bb1a5a34f0b5800831651df121f4f4bc8e9909
270f3c5a493e510555dce5a52e5185a965bf33b9b908fddb0ecb43de842e1ee8
272b9948716c2d3274e41beaf32ba844e9277382560b7f109e9486069f922104
27992c5308ed86b899d1c53ce762b7cd461c612e409bc2b691c7ea016622587e
279a3b8e568cfa2fd3a4e1da7d2ae2fe8e1ec6b9359020de3ca1e45c34d03e4c
29118761c07ba2f914e82c8bff0e7101fadc02790c312cc74e4dedde62ab4d88
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c2abb65f7f0f9d1871cced3564c4c8660872892653c6a24f1b6c1f167502cb8
2c869b7dda650e6adfa366299c8f475c896cfaf4b4111862844e36232c1ba697
2d55cbaa4441d6dd042cb1d9c16b96ca58c81b8bc806716d66c555464da6b9b4
2d868787e520c2f965fa351560afe927385aaca3a80b5e8c53e3b93a477f159f
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e7a190a04d7313734e740edcf2248fc10090ef52c198889a7d274fc4cc09024
2f4f9257b7d9a2cc7a5cb1654fa226ba27ee393bbaaf481a7f14607ce03b8c3c
2f54924cb2c121e1d89eb1a42ef194b75aaf6b732dbc1e0e95b2f77e7909942b
319db53f1824a7c636216b098e6d36652e7612c6db399562968a11dd98450f72
33a3b2b4bb13ccc6ea24e09ac28cf3934212a8191289ff8e032b8a25d84997f8
35204a08903708f7d8d34ca5d8f5cd0c56695e147826005312d62aa49a3fb6ff
3575f055d3eb04c4a4957e4d42f10e1faf131bc5dc1b57afc23a31d16b2882a5
3643a4cc1b9aeaf5516d7337c301f350e578a640a950b3b7d2c2b3c471a33363
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38330a00f8205c7d062beed5fb3bade5f660758f43376ca3a8cbd71a010c7cac
38b88d35ff7abc2f1614745b704a2995714660452baa4719737545b05c7e6f81
3982be2c95b6e0cc6918d2a1c8d993a812a0873a393acb8b5a65c0dafa68e0a8
39a9f40f1fe02584f3d23c2f62bc3f9661c2d09850319457ee20a93e52fd33a7
3a2689da549282bffac6ef91b918b43385cca3a5f9f1c238d882505225e53a3e
3adaef866644ec5ae2581db9642750d71e9aa61859a51c44ea230b94a11fa229
3c6ef3410dcabe63c7d4552b657e549d87ee9a1d646814f9c3edebf1045fda19
3ca3974b648dcc7844ef4bd5f4915d4a8531e4deea99513275256e1db9735f43
3e6d2580c7099f9f441291075c74e11c818bbe21379122284e6560dec408bbfc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f2926ffb5ad064317f79450b05cc45682900920e05c4bba693a42d35527848d
3fdbff96f0ed2b4c62c87a1190d7fcae51a5dc6ce3bdc695a65e92295f05bfb9
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
415522d8ed63727924c2a9dcfe8ee62e86d97f0860aa9d73103efccef9e6c969
422a3e6965dd74fbf1fe43a012a1d5664d5904809ab03995bd62b1154c907488
43f12cb68a8b2b68b5e244818bdbebd8749112e10adb1a1ccd5da26b90fb10fb
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4547a3e2e7545a504b3a1cdcc817a6219c904c94f79c3b98744a264652d3bcd3
472eb7426b22e996141d6a950180aee97068f2d68d75f0cb6f9627be086027e7
47a5391fbc125a3a816a54ce59301b1ff46118a0beda1ea697d64d94f2bea4e5
48027641b9b68fc4c935af1c09f60855127855d88d6db82cbc0636c051964377
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49f430dda26df470a301ffb77b423d4f7867ffdbdc667c7ed152d4e6e5497f29
4a0fbf8080c07e60ae91b9ab6ef235cac37d61db575dfce463aee4cfa591e8e3
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9284fc88f358987133e3263bbb67fd47055410081a6e70d838a0ef363084eb
4bf2ce443af94e5a87bb4e9f7b75cf3a262f80ee47070377bcb6adf9bff8fbc7
4c640526e3973d2bc2204438063ab5c3144f92858bfd69c462f8e6b5f80fb1bb
4c9e097414ccbfdefb3354fe850aa98a9e015d3b9f05519050a0db68105f5ffc
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3af35d6bd2cc8cf6c635e81110bf42b20016dfb08f0ba3072a57daa725309f
4f63a771e9e7e24a13a4ad3c8ac554db96c34874c3863b2b809f7f4e7e7b7db1
501ba19100fdf08aeb3c7e7627c48e8583e9b4b6c65da5fb47447667c0787d9d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
522bd52baba6738b1cd2abd217ba43fd07fc0049bd305595104514de092c25af
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54fe3821920037cccefd8aa1b5f84556deb26f64c86e7fe5ebaaa75f123bc649
55030cad4925387fb39b05398dc50b8d41b189b862be1ee4d576bd2c32a25cfd
55542c02f59ac047bd7ef87d8a2981b541995a09de59a89e419292a91f241202
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56555ac279db2a3ed544a37b98c6ef55ff5730d865daca2af2b72bdcaf947c73
56578622a38706e267d73c827e0c19b9485c6b4327e5660d7e62fc4d51158c64
56b41bac5bba7fe14c8ae5d00170eed4e558320af009865ba55b8b1936dab1ea
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
58430391c3b889e9c111eadd4363080551ef19315f260f320ec4575ab0d73c21
58898a8ad44ab5c745cf646b89ce687a2ba8d1c9c0e29d6a6afaaa26df5984bb
5b152c999ecf4c65b4249f4897857311220979abd01490a1b2ce2a1203030522
5ba19a4f63f4e0d1383a42b4bd63a92c86c9d7692bd9c4fe81e18b26cd45c953
5c6716a6bc8a4993527ff8d48debed70224dd16f17225f56a162b1cc86d04c80
5eb6a3b656fa6c4f08802dcd64b9a04840ca00bc1837339e4e921d41a8316ee3
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
603db0f6c2713ca7a57c9091bf85634c48fb5cabcb99cb718a8cbfefb0631f7c
608df1d6ecc4720a3cddee4abdb6e9da22c0a52c6fdb2b3f37ac21d8507f0122
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6313b7d51e6e269465f5c169ecfc1f0c367988cf435547cf8c6f8639efc04220
6513dcf7ceada2c31e0304bfacaa4b971dae9b1018b0766813dcd0637e17a84f
6623c61862bcf7d68e69f38145a41d686057cc51fd2e08d8acff0fd67cfb770d
664609f34e4d9850b02ac4ee419fed7e1f15aba86ad7fab04bb0ef48c79f105c
673d2cec1d3719e9bc6bd6a4d71abe5693f545758d19b138e511c3a2b776cbc8
68002d1756ab74bbd8c95d977ff8af585ab56706e59b0524a56a9788acf8e482
6840b34a8a2c6dec3d53d34a5a49f803470cb54f242e69d56266ec5bbef785a2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b5ec146ea3c6f8b057bb86634ae29c337d15653ef53097085e4382891af9145
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c51d463706b61b30554907747d95ff62188a36783b1a3bf949c7fbc193e79e2
6d0b5a63ca5e36540e2628599ba666ef0ac2bd34f8ea5f25c9a51b0e4c72fed2
6dcd8369f931573309d59db10fead98f9c972244097e0a64f32c882bae0934dd
6e4c171e85027a1253cd490c8253cfae062071082075e12bd489fc256d0da317
6e745ff5914a17a92d89e65994d2ba772a0f30636c0fd022e05869acacb9e457
6e83f4927f4eb5d43c751377b1caf57adac25119387ed6536d049d20017df656
6eb290ed5848560144dea3777330a6dab5bfc35f0e5ee64e87de299675f290fc
7001265dd17f73edcccbb18699d5a0ea7ee24766e48686d21221069f9d427cf0
70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1
725d1edb01d4673a22b6b7c66348ab19f0be4467b2f17e364db97d500b8efd68
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7424679218c6d64bfeab8a2eef5779b0749566664e4ef4ab12ed00eee6e8bc9d
7430b360ad4cdf6e8c8cbfd564b8c90d6c80ed5ae47e3cac995aca2a094db3c5
749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238
74c370875c1b1435cf25d5ba99c1f2a76297cf5ec3412bfd402908560d13f87e
74dac8b603fbfb43cc8145c1dfa1c9ef06494a4fc211af7c162c6d543e2e7492
7512231a9d9ab287eb3c968c866695248076563e2f55381eead1157fb6e9e0b8
754eabb81d2125c2ff920b2f7fb6c2fe24ecc1de5090ad3c49aec6f7bc22c56e
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
771e8d4d267ab80e1a82d0922d586068b55161fb29c79d183342367473c61b01
775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7adbac3400bc8764f3a61cfa10f025fd0e0ca6509a0ff61ca3ebe7ceff099406
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7c8eb7fd8354e29e58e77290872b6e05a65404a4d16fe26996b72b6f2f606281
7da7251aae5c494815f9de13fd38220a3f22dc4262f55a1e813963cd33993b08
7e05127f49e55f7469df58a453cc9910d3c8f879380ed78dc267b3c6e2f6e17f
7e59238b8efa9621669a0893e91a587988f63cd6e77d755b169dfacb58e282bc
7fbe4f3a945bb4673c78ff1af46f86172a35dbe87b66114968fb6e56a353a9e1
808a3420c1e7b33179c94f51273b1571c2995315cd4e5b5b52d50b8efeb2acb0
819dccfc6b2767f352428e3b8e9fbb798bcdec98d51e536113fac012b5f2fdd9
81bd209ae9c9bd025eed991f294baa1481b1bd43f9b9edb98e05aee1edad1589
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82e3811cdfceb32fce78d37685ff4189f3927def60304312c3519603939f0ba8
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc
87116b7a6726a61f4667e80412eef95b2da85386dd97fc9be7b063bbe770ef95
874e545a5055f7c8602c30ffd711768e8105bb75c87045a794f934d9cffa30c6
87bcfb1be7cd2275305233c16ac8f1868b5fcc0da4fb6d00426a0b7f4eed7064
8847ecf1f8fc53df23a2f687ae7a52071994d21ebd9fd35d031e62f3d752fc56
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a926ac767f24194f2bf37eb52d7c3114f2f9172f1d38d868326b09593cb489d
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ba3f825efe4bc92a1f8ddeef71c79e44c7848b176d4c2ce6ef1345b357b0496
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3
8f109adb53866436ffe3f062904c913ab3675f29a80d39a932165a2b0e9f2c5b
8f1b51337be99b356f1400fd895035f8022d4fa8a99b17c16a3500445fab1b73
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046
9103a0a45280dd1ad7ba021f14af98c1719dc3e5132956ab8ca0c74d0b9a4ae2
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91fb73240f6c4d14842b31b056a2a77919b7438588c62ab880d9f4d90cbf2e0b
969072ee38f15a97dc007aab6bc5e08a03982f3ada686a49ce998d4c461e1442
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
97ef77f003a8992876879cab655f28a13ebf43d0bb2fa1f10e7bd6c79b7366eb
98310dd359ab63e3275ec0c682c19739c8949dc5e039d6a7a340af41743fb38f
98c70924c1db08117f838a5745b335e09e688745d0ed2275a8ad057ea463edc9
99929d862b4e1938dc5ae8817951f2b889ffe64c760a240bbf5ea15d93bdaa25
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
9a62d26c7b887e4f4bd3d272fe4d791d4bdd377a0d47f19f6a97aa5c9e83df56
9ab6ba1e7e051b464b2a5855abc359ba0f4cde98edc2335e2648bbfe5a35cf38
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
9c88fe77d0bb423a2815479f8f06a39d4a2f47f7ee3c800b2792d217e063576f
9c97a4f61de85e396b32c95c8933ac7da06e1781dad1bbf98cd3db024b4a03a8
9de34c9bcb5238bd45eb99ebaacb76c12c2873f9a5416163c13644870c4a8b39
9e2b4b3f99d43db6b5ebc87b42deca2baf314fdd837cc08171507ea95cda0e5a
9ebe99935e5c5f37946418e84d540c1eb2b2fcc49830835f09e65b7d39f97baf
9f5c074391deee162213458a9132cfd9189b70fb8b8938501165b9afacc88cb1
9fb60d9b24eef5d6f5ec65124344c803bf2748e7863be787f35017e1644a3e36
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a19b99d0180f86d4495c328a87bd2bf8dbe8dea13ebf1d9d266bdf2e223d9b2a
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a452399141cde2bef16c744f6f3b649ab791b40c24e2f8c98a2ff7a72a8055dd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e5b0e649caf66d348770967cc6081f8e925c3c5389069f50be26c4f0c25d45
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a6a2d8b638c20a3b4d4dc2234123c92447e17c99a9e2dad4a7f75b183d0aa662
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a913d0114398b45dbb50dae69a73921fe1f019f6ab4ced17ab24b4bfeef9ce23
a934621dc97e4ded859fe0b4855b8a5359575f95b723812c92d776b4d98abc77
aa328efddf99621233b4c619fb9fd906839798586842041eb6a4f4d42f866aa9
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
ac8ba41f2ad11b9f60654e4550ab7a47ee85f4cb9dd50df9f362081ad5cd8a7f
ada0693ac4e036a3a8289f2cd4e462e8695a6cfd46652dd50a9bfa36e4d8ecd8
ae5abaefaef0198f01e75af0e5578966d6bec8039284cb1247148e37ecfe4fb6
ae726193112d41052e35118aa67d5f832d40aa9e53c2594466e0ee5df73caab6
af56e49e0d626918cc0eea69a645e1b3eacbe86936d330ec2da806f73a825919
b0e034928e78d96110fc2d22b3b838283b4767f5db445357ae37c00a108689fa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1dfe53f5ecd49796b85ed91d580d903217d2e0d54baceb52213e08fba51fd87
b21c87323b3661bcf4e78ef7ed190a4ef1e211f3b1bb35b65d2c5690ebce3e1b
b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc
b40836a3a2088d5f6a11c40da9b31cda348347621ff2c9fcd014d779d2eef2e3
b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b6059548fd5bb34698b8aff9efe26ec5d8c52cbc13739ad8094cb4743cbaa278
b625b3191eea0929d0f20fffd7ea8199fd3f80407b0738dabeab289f49a4522c
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8e20f76b797af996aa186867eaea379bf0eaaaabcde1c9850cfa35c964d0c58
b908e4d447b5bbaeae858c76a305c82a162a6af717c924c6ff88bb3c78e52fcd
b9d8d341a264fd6f00684e024893715f1162dda46fbde7748212305e4e880024
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
ba9d9b931448fb152aa31ad20ac4c6886c7ecb6d4404d1670c230f71c1b8ff59
baf30b1a55b7b7e6b7eafa77ea37b51a069b31834e0e9e79a8ff48ee9cd5b9d8
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be764d640a7efa0022ca94a330ec3c7f38f462016f79f400d06da583be69a31e
c0803eee048c3034aacd424103c8de780a0922bcc07f863c8db29540b32142a9
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c196bd11a6ada8107e9f065486e36c8db58b03b529bf891970b9336efd8a6130
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c3025dfeba6943de206069f749655ec568ada58e2588cae7c168f8239c744b72
c3fef29529678ff5e018e5d2db4a897390044b92e9105cf7adae070f76f8dbe1
c552d123b46d213f451750ceb2d6e5a8852824b0bc9f7e32a0224d2eabd06698
c5d613b2da852cab0efedfdd06cc307bf21940b81f22b10f7dba9df228ebde73
c7666135efe3165f59bd0ae542ad2ac795b50d154c7c476c16a97ec9a766ed81
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
ca09dc0ff75065cb3364174a40a3293d9979980384bbc3e46bbc3ca62a530517
ca10b88804accfc4c868a18752ce8f0a9d4156f9d6ad8858830e2a0f46ffae5e
cc5b0f7a3c6ec50f70fa4c7061aefeb96ffefc382e59b30e7d18ab8fc62ce798
cc6b3654648a3c72901bc3261e6b3d758e1646a42cf0df9250e90a54a5e5f485
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cecb64ebb026fee9c84d09c2070c63b09e7853d130a97273b043ccec2d821ccf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf8edd693ebd06102e8208c3b6e4e43bf5f87bd3b1058683a14a3b2a619ee1e0
cfa812c9ecbe4a3fb5fcf87c641a5acecec7b15fd9e6b577561170df7ebdc964
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d20823732451c6d2e72478d8f4b1e40c9eb9e175012751154ec2b405812de3d3
d61766b752bfa60be20796a75e87e0705f60300c04e30ff0e3a772008cabcfdd
d6f4798dd69cd9aa024b56e14e5d3e90e3003833ed7874d37f7ad6c53277531e
d732c1bec467df9a8fca7668af67a75f402772cbeafb6c5734cac1891a373871
d73f9d83affe674000559d4bd566b7509d85e7cd3c0856410f3b08f242e102a7
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d772805c0a62a7f1e6c7d3c531e584a61ae23a9d3cef28857f8a089593df768f
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d833c06dd1b91530e21f68566ed1b70d3851904b0428ebb4244deed953a282ea
d8dd5218354a9990e99238f5d21e93ecfd6f2c27e3b4c9d84cdc0e53100cd80f
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da05e8d8fd53ff2e65e53a572be3999483ca18f9a72c4bbd66ab1098c4946210
da483c4cbaf0c9f37859e03b8a4c84155c797ee4b17d88d8d31b744c88c5811e
dab14f865c30fab8ebd789abe94ce37ec4ddf6271a96cdc2db3ea9cc01eb8517
db6e9b9c4a8d198b13039b61e72982d72bfd88e5faf9069da73156e0b9674894
db8827df299fb574b5b1019eca3d316bec9ebefcfd279f9bd0eb591bd991abf2
dbb849be149a060a47a9d77df7d9631ef4e4815e6c7cc709a80f51755e248b83
dca48efa0eba135456616483c746f374a1291cdeb8b2f7e4946db4d39bcf736f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd49c7694914089a80ce064c2c6c367db928ea2c0a35981795f06aec838f1dbb
ddbc3d830f10f69c16dccc4ba005b2698ecf924d5ed1a95b416b80184dd2fd23
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de8edcb2664c4addc99c9d02e8d44de345f94efbc90a00d731389a545bb3a8f3
df49112f965565d7af2a8ac08e7000ab6c2731ced4340c2b6c89a8097e94c2ea
df78d971eaebde0f6babd2ad42d61d863a94b049fe7b498456401b95e427a309
df88df96f09d9747755aa2b1f44bc857078fe9a8b6807897ed99d366d7271b20
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e0bc95a9b185bd9001dde9ad1ecf9871ac767af070f1c0d67183191ec3db0979
e0c9cb5266f902870ff0e90e326b457946a72f87bda3389c533f1eb54b984d05
e165528111ab4b2fd6c3dc4966ccec9dcc6e3eb41358c2cfcce959bdc392c0dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4da463b41c76c05e768a3787071016d1ec36f605c641de159c2f2be3064f39e
e59e33795d6b3af925607e1a87b8f280a08403444254087375f86c6342415fec
e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab
e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192
e79dc0233ed374ffc996d62c82599b11a0148967879d3fd490ad58c95cffdc42
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9f49503f884d44fe1d181f91a75590feada9777d2f0762c35bfdee09edbee6a
ea03bcb78cd767a32e2399ab0895c0852dd6ff735b77f52638ae09efcbd0015b
ea26beb23573aff07e974efb36e05ca385601ffc35a76a999b58b58115435599
ea49fe551c37a67e987abd9a52c1f6db19c42c8d9ab34fe00822322a5b7de9f3
ea5db30cea39dc8a5dbee45db96949c13c473febb15b58b1886e3dc6cb65e6f9
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e
ec7da5bccd49217c579947752c3fd0cf28bc79f6acace987dd677458c68d5d53
ecf917978118862ae1fc715ef2f5d7cf541d22cf515bc480c07324037b8bba01
ecfa9fd979ff6f9b0fce584e95964c8da41e664430e78653a9c20c0dc6852f82
ed913ed5e633a3adc79090e837d9cf3a5978141527db870d1ba4f4d40298c401
edc15b355249a234fec7051af9440c1a87774813046d6ebf963487a7838f1405
eeaa7d9c669b82fe425ebf5f3d693356a231c5832fd11d23793d694127e418b8
eec4b9c31b9210234f018c21159cabd6d8468642b36665c3945baffc5d2d4088
eee8208afbf69fcee2d82898e6e915d880fa6fdaa91de9a07a8077fd6d647fde
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d
f20b44f4c11af710237c278ab58ad01bfe9dfc72f62131392dc7c391a9d35a64
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f35b72721f9a264bea2bf4dbf31f729e5f058eff5a746ee6052886caf8af321f
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4d0c6a094ec876c2dbea780dac5655e44bc1ec2b0c9c492f8513581879c89c5
f5a2ee67c4a9c856cb7717e058793444950da0debebef63f1a4fbe2a483dfd05
f6d55b254bc12ad6afa55c0466de3023759656fce2ecf1a189b9cbadeca893d9
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f859a03bcf9f6ef1c535c669d4d463eb0846bec930128e6f7efb450558910bf1
fbeeacd53a85306c5edd6fbb37c9c5534475423e0660b3c10cc14d54ffa3d8c1
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd014c50668d43b8360d217eb3916e82336ecb1958a2495584d379617327d568
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fd4c40c64ea88b3dcdc5202d9f06a6ceccf57335a398fefaaba1df64ee3c4cd1
fde6230166bb9742f67744cf8dfde61f256f7c15805c6e06dd8df354418c94ef
fee2a89f0d42be4c4e87d9f57e97328973edf2ee4f5afc0b9cc314ba4610e6ac
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869