gekka-no-kasumi.com Open in urlscan Pro
183.181.96.20 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gekka-no-kasumi.com/
Effective URL:
https://gekka-no-kasumi.com/
Submission: On December 10 via api (December 10th 2023, 8:17:16 pm UTC) from US — Scanned from NO

Summary HTTP 319 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 21 domains to perform 319 HTTP transactions. The main IP is 183.181.96.20, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is gekka-no-kasumi.com.
TLS certificate: Issued by R3 on November 28th 2023. Valid for: 3 months.

This is the only time gekka-no-kasumi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 86	183.181.96.20 183.181.96.20	131965 (XSERVER X...) (XSERVER Xserver Inc.)
7	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	202.226.37.225 202.226.37.225	131965 (XSERVER X...) (XSERVER Xserver Inc.)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1 1	104.64.170.193 104.64.170.193	16625 (AKAMAI-AS) (AKAMAI-AS)
4	52.222.236.32 52.222.236.32	16509 (AMAZON-02) (AMAZON-02)
4 4	52.119.170.28 52.119.170.28	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:249... 2600:9000:2490:ae00:1d:d7f6:39d3:7a61	16509 (AMAZON-02) (AMAZON-02)
2	3.112.186.112 3.112.186.112	16509 (AMAZON-02) (AMAZON-02)
8	153.120.49.87 153.120.49.87	7684 (SAKURA-A ...) (SAKURA-A SAKURA Internet Inc.)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
6	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
9 12	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
6 12	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 9	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
77	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:c90... 2a02:26f0:c900:8::5f65:4adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
319	28

86 183.181.96.20 (Japan) 1 redirects

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv12659.xserver.jp

gekka-no-kasumi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 202.226.37.225 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: webmail.xserver.jp

webfonts.xserver.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.64.170.193 (Prague, Czech Republic) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-170-193.deploy.static.akamaitechnologies.com

img.finalfantasyxiv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.236.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-32.fra56.r.cloudfront.net

lds-img.finalfantasyxiv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.119.170.28 (Boardman, United States) 4 redirects

ASN16509 (AMAZON-02, US)

ws-fe.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2490:ae00:1d:d7f6:39d3:7a61 (United States)

ASN16509 (AMAZON-02, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.112.186.112 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-112-186-112.ap-northeast-1.compute.amazonaws.com

www22.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www17.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 153.120.49.87 (Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
PTR: www33.with2.net

blog.with2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.34 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.64.151.101 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.89.210.101 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

77 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:c900:8::5f65:4adf (Schiphol, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
86	gekka-no-kasumi.com 1 redirects gekka-no-kasumi.com	16 MB
77	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	484 KB
59	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148 ade.googlesyndication.com — Cisco Umbrella Rank: 293	642 KB
34	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	208 KB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	7 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	22 KB
9	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	7 KB
8	with2.net blog.with2.net — Cisco Umbrella Rank: 648283	70 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	508 KB
6	xserver.jp webfonts.xserver.jp — Cisco Umbrella Rank: 420640	27 KB
5	gstatic.com fonts.gstatic.com t0.gstatic.com www.gstatic.com	36 KB
5	finalfantasyxiv.com 1 redirects img.finalfantasyxiv.com — Cisco Umbrella Rank: 239824 lds-img.finalfantasyxiv.com	17 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340 fonts.googleapis.com — Cisco Umbrella Rank: 29	99 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	255 KB
4	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 360	34 KB
4	amazon-adsystem.com 4 redirects ws-fe.amazon-adsystem.com — Cisco Umbrella Rank: 589096 ir-jp.amazon-adsystem.com Failed	800 B
3	createjs.com code.createjs.com — Cisco Umbrella Rank: 1586	188 KB
2	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	447 B
2	a8.net www22.a8.net www17.a8.net	121 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	4 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	4 KB
319	21

	Domain	Requested by
86	gekka-no-kasumi.com	1 redirects gekka-no-kasumi.com
77	s0.2mdn.net	gekka-no-kasumi.com s0.2mdn.net googleads.g.doubleclick.net code.createjs.com
35	pagead2.googlesyndication.com	gekka-no-kasumi.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net gekka-no-kasumi.com tpc.googlesyndication.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com gekka-no-kasumi.com googleads.g.doubleclick.net
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
9	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
8	blog.with2.net	gekka-no-kasumi.com blog.with2.net
7	www.googletagmanager.com	gekka-no-kasumi.com www.googletagmanager.com
6	ade.googlesyndication.com	gekka-no-kasumi.com
6	googleads4.g.doubleclick.net	gekka-no-kasumi.com
6	region1.google-analytics.com	www.googletagmanager.com
6	webfonts.xserver.jp	gekka-no-kasumi.com webfonts.xserver.jp
4	www.googletagservices.com	gekka-no-kasumi.com googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com gekka-no-kasumi.com
4	m.media-amazon.com	gekka-no-kasumi.com
4	ws-fe.amazon-adsystem.com	4 redirects
4	lds-img.finalfantasyxiv.com	gekka-no-kasumi.com img.finalfantasyxiv.com
4	fonts.googleapis.com	gekka-no-kasumi.com googleads.g.doubleclick.net
3	code.createjs.com	s0.2mdn.net
3	www.gstatic.com	googleads.g.doubleclick.net
2	www.google.com	2 redirects
1	t0.gstatic.com	gekka-no-kasumi.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.jsdelivr.net	gekka-no-kasumi.com
1	www17.a8.net	gekka-no-kasumi.com
1	www22.a8.net	gekka-no-kasumi.com
1	img.finalfantasyxiv.com	1 redirects
1	cdnjs.cloudflare.com	gekka-no-kasumi.com
1	ajax.googleapis.com	gekka-no-kasumi.com
0	ir-jp.amazon-adsystem.com Failed	gekka-no-kasumi.com
319	32

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
b.hatena.ne.jp
getpocket.com
timeline.line.me
www.youtube.com
www.twitch.tv
www.amazon.co.jp
px.a8.net
blog.with2.net

Subject Issuer	Validity	Valid
www.gekka-no-kasumi.com R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.xserver.jp SecureCore RSA DV CA	`2023-03-31` - `2024-04-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.a8.net GlobalSign GCC R3 DV TLS CA 2020	`2023-06-01` - `2024-07-02`	a year	crt.sh
blog.with2.net JPRS Domain Validation Authority - G4	`2023-11-30` - `2024-12-31`	a year	crt.sh
*.finalfantasyxiv.com Amazon RSA 2048 M02	`2023-04-19` - `2024-05-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://gekka-no-kasumi.com/
Frame ID: A7EBC4CE4A918F41FA30AD2E1313EADE
Requests: 140 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: FAD0110962C22045BE8C1F4890667F63
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6227073263319178&output=html&adk=1812271804&adf=3025194257&lmt=1702239406&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fgekka-no-kasumi.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702239406083&bpp=4&bdt=1503&idt=505&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2693426377647&frm=20&pv=2&ga_vid=1328873783.1702239405&ga_sid=1702239407&ga_hid=1779646050&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809003%2C31080036%2C95320884&oid=2&pvsid=1334700986538572&tmod=139451290&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=531
Frame ID: 038FDD9C430A0E99052F610DE0A78E0F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6227073263319178&output=html&h=420&slotname=8432113424&adk=2347388405&adf=1365182113&pi=t.ma~as.8432113424&w=700&cr_col=4&cr_row=2&fwrn=2&lmt=1702239407&rafmt=9&format=700x420&url=https%3A%2F%2Fgekka-no-kasumi.com%2F&ea=0&host=ca-host-pub-2644536267352236&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702239406087&bpp=2&bdt=1507&idt=531&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2693426377647&frm=20&pv=1&ga_vid=1328873783.1702239405&ga_sid=1702239407&ga_hid=1779646050&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=2597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809003%2C31080036%2C95320884&oid=2&pvsid=1334700986538572&tmod=139451290&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=1456
Frame ID: 43251C0D851622C37788C2EE03389675
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6227073263319178&output=html&h=280&slotname=9375328300&adk=1620165619&adf=2788080696&pi=t.ma~as.9375328300&w=700&fwrn=4&fwrnh=100&lmt=1702239407&rafmt=1&format=700x280&url=https%3A%2F%2Fgekka-no-kasumi.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702239406089&bpp=1&bdt=1509&idt=530&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x420&nras=1&correlator=2693426377647&frm=20&pv=1&ga_vid=1328873783.1702239405&ga_sid=1702239407&ga_hid=1779646050&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=3071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809003%2C31080036%2C95320884&oid=2&pvsid=1334700986538572&tmod=139451290&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=1460
Frame ID: 5B754B97615DF18D8ECF409767DF6AAF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: B037E84FBD347BC6A9628D9141BB3B0F
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: BC232531194E2D1B144410760629D259
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: B8AD5E3C09AF6DCD9D1791DCE451E087
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: EEDE0CDC24F415BE9AE145699E2DA24B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY05XXgAIwAQ&v=APEucNVhB-KW40b4BaWrtkaqQNs8sK6zvZ8Pi9XqIQX9Do4GJgjdMosRKG2zozPR5HvxheH84beXWWVR6soqaf2VON84oMSAlUa3q-4g-snJkcdrcfNHCMZy5PXwtoY9yoZjDrXa7dur7z7ASQw1OE-nhvrnoMTy8MQba5tS-BTOjUKcxjVaTyU
Frame ID: 9184236A8F34D32A06E5755F37AFF4E4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 30E9C9D4A1508A8855CDC68B731E3319
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY05XXgAIwAQ&v=APEucNXho_W1oZesDKw0j7A7th_OlsAYsO5MD9zIq_drChi2OOGBbDRtJhD-NTunys1in2amSa4zQCZTxYAAFVtwFVwjtpS2bdkVLUJqUlWZA_nrtObngIZ0LLuS3q1a36okN8fUwJBvUUj5mcbJ5bjRW3GejMj4bOkrSt7jLXV0Xkr8Z9TSKhc
Frame ID: 8622D8646EC24A00E53A2866FB95E747
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 65834DDB86FE18D301C0F523F39037A0
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY1ZXXgAIwAQ&v=APEucNUhzRMmUi4THsGtGNi6-kEVd9Aimzvf0gzs4zO3S5qcuekIYOU4tFguTRlHxHR6s8oCoB8ySjQYO72LZjph3AFlrgdsolC_ZFUFZ0Z61ABTFx9Zf75_szL1-qYUy6X-i0sdRwz1_qbuOUh6sW9BfhcbIJB1ryZsM86rDJkuhPcceFZciLY
Frame ID: 7413585CD403786B2D99B182DBC4707E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 84E6915CEC50AC164C671DC2035A6A91
Requests: 19 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%81%98%E9%96%89%E3%82%8B
Frame ID: 9B56503B0B16E0A4B06725AD79391852
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B688D725F1FD9F1E9AF7384250528B08
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D26448EC5782880160120AD3265A3D74
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: BB32BA08D4604DE94757EC9676764EF7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: ADB2B3DB25C0F2FD2E726A71EC412633
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BCA529553552CCAB7E0637F1CC7368A9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
Frame ID: A5B41B199C9D1745EAB105421883E5E8
Requests: 26 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
Frame ID: E64057F36706CCE1A118FA74E67A5C29
Requests: 25 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
Frame ID: B833EB6C5AD667F311A42C576C036DCF
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

月下ノ霞

Page URL History Show full URLs

http://gekka-no-kasumi.com/ HTTP 301
https://gekka-no-kasumi.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

319
Requests

93 %
HTTPS

60 %
IPv6

21
Domains

32
Subdomains

28
IPs

5
Countries

19446 kB
Transfer

24502 kB
Size

17
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/tweet?text=%E3%83%9B%E3%83%BC%E3%83%A0&url=https%3A%2F%2Fgekka-no-kasumi.com%2F
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fgekka-no-kasumi.com%2F&t=%E3%83%9B%E3%83%BC%E3%83%A0
Title: Facebook

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/s/gekka-no-kasumi.com/
Title: はてブ

Search URL Search Domain Scan URL

URL: https://getpocket.com/edit?url=https://gekka-no-kasumi.com/
Title: Pocket

Search URL Search Domain Scan URL

URL: https://timeline.line.me/social-plugin/share?url=https%3A%2F%2Fgekka-no-kasumi.com%2F
Title: LINE

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCTzB2wcWFPZYpyS-qDh1SCg?view_as

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/haruka_ninja

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/%E3%83%95%E3%82%A1%E3%82%A4%E3%83%8A%E3%83%AB%E3%83%95%E3%82%A1%E3%83%B3%E3%82%BF%E3%82%B8%E3%83%BCXIV-%E6%96%B0%E7%94%9F%E3%82%A8%E3%82%AA%E3%83%AB%E3%82%BC%E3%82%A2-%E3%82%AA%E3%83%95%E3%82%A3%E3%82%B7%E3%83%A3%E3%83%AB%E3%82%B3%E3%83%B3%E3%83%97%E3%83%AA%E3%83%BC%E3%83%88%E3%82%AC%E3%82%A4%E3%83%89-%E3%83%87%E3%82%B8%E3%82%BF%E3%83%AB%E7%89%88SE-MOOK-%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BE%E3%82%B9%E3%82%AF%E3%82%A6%E3%82%A7%E3%82%A2%E3%83%BB%E3%82%A8%E3%83%8B%E3%83%83%E3%82%AF%E3%82%B9-ebook/dp/B071WK62JG?crid=560LKTEQVTAT&keywords=%E3%83%95%E3%82%A1%E3%82%A4%E3%83%8A%E3%83%AB%E3%83%95%E3%82%A1%E3%83%B3%E3%82%BF%E3%82%B8%E3%83%BCxiv&qid=1651082100&s=books&sprefix=%E3%83%95%E3%82%A1%E3%82%A4%E3%83%8A%E3%83%AB%E3%83%95%E3%82%A1%E3%83%B3%E3%82%BF%E3%82%B8%E3%83%BC%2Cstripbooks%2C159&sr=1-8&linkCode=li2&tag=harukasetsuna-22&linkId=1ac872dbd3b2c3fde3af0c6f5f9230e3&language=ja_JP&ref_=as_li_ss_il

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/FINAL-FANTASY-XIV-ENDWALKER-Resurrection/dp/4757579004?__mk_ja_JP=%E3%82%AB%E3%82%BF%E3%82%AB%E3%83%8A&crid=162J9F90OF34J&keywords=%E3%83%95%E3%82%A1%E3%82%A4%E3%83%8A%E3%83%AB%E3%83%95%E3%82%A1%E3%83%B3%E3%82%BF%E3%82%B8%E3%83%BC&qid=1651081957&s=books&sprefix=%E3%83%95%E3%82%A1%E3%82%A4%E3%83%8A%E3%83%AB%E3%83%95%E3%82%A1%E3%83%B3%E3%82%BF%E3%82%B8%E3%83%BC%2Cstripbooks%2C156&sr=1-1&linkCode=li2&tag=harukasetsuna-22&linkId=f5f2ed6612c15e94aac506f6c750d3a1&language=ja_JP&ref_=as_li_ss_il

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/Sinners%EF%BC%9AFINAL-Arrangement-Album%EF%BC%88%E6%98%A0%E5%83%8F%E4%BB%98%E3%82%B5%E3%83%B3%E3%83%88%E3%83%A9%EF%BC%8FBlu-ray-%E3%82%B2%E3%83%BC%E3%83%A0%E5%86%85%E3%82%A2%E3%82%A4%E3%83%86%E3%83%A0%E3%80%8C%E3%82%AA%E3%83%BC%E3%82%B1%E3%82%B9%E3%83%88%E3%83%AA%E3%82%AA%E3%83%B3%E8%AD%9C%E3%80%8D2%E7%82%B9%E3%82%92%E5%85%A5%E6%89%8B%E3%81%A7%E3%81%8D%E3%82%8B%E3%82%A2%E3%82%A4%E3%83%86%E3%83%A0%E3%82%B3%E3%83%BC%E3%83%89%E5%B0%81%E5%85%A5-%E3%80%90Blu-ray%E3%80%91/dp/B08W3SL6T7?__mk_ja_JP=%E3%82%AB%E3%82%BF%E3%82%AB%E3%83%8A&crid=3LWSZUMR8SN6C&keywords=%E3%83%95%E3%82%A1%E3%82%A4%E3%83%8A%E3%83%AB%E3%83%95%E3%82%A1%E3%83%B3%E3%82%BF%E3%82%B8%E3%83%BC14+%E3%82%B5%E3%83%B3%E3%83%88%E3%83%A9&qid=1651081302&refinements=p_n_format_browse-bin%3A81873051&rnid=81872051&s=music&sprefix=%E3%83%95%E3%82%A1%E3%82%A4%E3%83%8A%E3%83%AB%E3%83%95%E3%82%A1%E3%83%B3%E3%82%BF%E3%82%B8%E3%83%BC14+%E3%82%B5%E3%83%B3%E3%83%88%E3%83%A9%2Caps%2C153&sr=1-7&linkCode=li2&tag=harukasetsuna-22&linkId=70805675efa926af6fcfa180b0313ba3&language=ja_JP&ref_=as_li_ss_il

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/FINAL-FANTASY-XIV-SHADOWBRINGERS-%E3%83%87%E3%82%B8%E3%82%BF%E3%83%AB%E7%89%88SE-MOOK-ebook/dp/B09SG3RW69?_encoding=UTF8&qid=1651081449&sr=8-25&linkCode=li2&tag=harukasetsuna-22&linkId=43a17edd9426cb8ca25e99b989d02751&language=ja_JP&ref_=as_li_ss_il

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=3N8KK8+3FU6LU+4F56+HWXLD

Search URL Search Domain Scan URL

URL: https://blog.with2.net/link/?id=2078227&cid=1412

Search URL Search Domain Scan URL

URL: https://blog.with2.net/link/?id=2078227&cid=5457

Search URL Search Domain Scan URL

URL: https://blog.with2.net/link.php?2078227:top

Search URL Search Domain Scan URL

URL: https://blog.with2.net/welcome/?parts=y
Title: 参加する

Search URL Search Domain Scan URL

URL: https://blog.with2.net/link.php?2078227
Title: このブログに投票する

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gekka-no-kasumi.com/ HTTP 301
https://gekka-no-kasumi.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://img.finalfantasyxiv.com/lds/pc/global/js/eorzeadb/loader.js?v2 HTTP 301
https://lds-img.finalfantasyxiv.com/pc/global/js/eorzeadb/loader.js?v2

Request Chain 47

https://ws-fe.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B071WK62JG&Format=_SL160_&ID=AsinImage&MarketPlace=JP&ServiceVersion=20070822&WS=1&tag=harukasetsuna-22&language=ja_JP HTTP 302
https://m.media-amazon.com/images/I/614a4QtULnL._SL160_.jpg

Request Chain 49

https://ws-fe.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=4757579004&Format=_SL160_&ID=AsinImage&MarketPlace=JP&ServiceVersion=20070822&WS=1&tag=harukasetsuna-22&language=ja_JP HTTP 302
https://m.media-amazon.com/images/I/51NYmNrZkpL._SL160_.jpg

Request Chain 51

https://ws-fe.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B08W3SL6T7&Format=_SL160_&ID=AsinImage&MarketPlace=JP&ServiceVersion=20070822&WS=1&tag=harukasetsuna-22&language=ja_JP HTTP 302
https://m.media-amazon.com/images/I/51xfeW6odlL._SL160_.jpg

Request Chain 53

https://ws-fe.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B09SG3RW69&Format=_SL160_&ID=AsinImage&MarketPlace=JP&ServiceVersion=20070822&WS=1&tag=harukasetsuna-22&language=ja_JP HTTP 302
https://m.media-amazon.com/images/I/51f2c2L07QL._SL160_.jpg

Request Chain 107

https://www.google.com/s2/favicons?domain=https://gekka-no-kasumi.com HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://gekka-no-kasumi.com&size=16

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED25ZnrP29RvP238qIFnDSc&google_cver=1

Request Chain 161

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXYcsD95mkQ.QfbBqFROIwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPgSMQZ_YV0O_OJ84CwdeY&google_cver=1&google_hm=2

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGCG0ADnc-xnKQmnHH4bZUk&google_cver=1

Request Chain 163

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ5NjUxMTY5MTc3OTU5MDQzNg%3D%3D

Request Chain 166

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPgSMQZ_YV0O_OJ84CwdeY&google_cver=1

Request Chain 167

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXYcsD95mkQ.QfbBqFROIwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPgSMQZ_YV0O_OJ84CwdeY&google_cver=1&google_hm=2

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGCG0ADnc-xnKQmnHH4bZUk&google_cver=1

Request Chain 169

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ5NjUxMTY5MTc3OTU5MDQzNg%3D%3D

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPgSMQZ_YV0O_OJ84CwdeY&google_cver=1

Request Chain 180

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXYcsD95mkQ.QfbBqFROIwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPgSMQZ_YV0O_OJ84CwdeY&google_cver=1&google_hm=2

Request Chain 181

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGCG0ADnc-xnKQmnHH4bZUk&google_cver=1

Request Chain 182

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ5NjUxMTY5MTc3OTU5MDQzNg%3D%3D

Request Chain 189

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

319 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gekka-no-kasumi.com/
Redirect Chain

http://gekka-no-kasumi.com/
https://gekka-no-kasumi.com/

295 KB
40 KB

1926ms
1284ms

Document
text/html

183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 416dfff70a0941f532af5b1b053c7f77c6b1f1dc1bffe92b3b6e6ac57075bab2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 20:16:44 GMT
link: <https://gekka-no-kasumi.com/wp-json/>; rel="https://api.w.org/", <https://gekka-no-kasumi.com/wp-json/wp/v2/pages/927>; rel="alternate"; type="application/json", <https://gekka-no-kasumi.com/>; rel=shortlink
server: nginx
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 236
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 10 Dec 2023 20:16:42 GMT
Location: https://gekka-no-kasumi.com/
Server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 244ms
86ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-214735621-1

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f667549e0edbeb0bdaf577c95c81f62189d5d03d36f3d84f5281ce952921368b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69003
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Dec 2023 20:16:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
85 KB 346ms
189ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-561MLEJ5LJ

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

750d4f1e0b8fdb69f378820bb89ee33cb089bf55815c8b392acebd1dd5217657

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87230
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 20:16:44 GMT

GET
H2 200 style.min.css
gekka-no-kasumi.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 336ms
328ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2&fver=20231108060246
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:44 GMT
content-encoding: br
last-modified: Wed, 08 Nov 2023 06:02:46 GMT
server: nginx
etag: W/"1add3-6099dd612b57f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:44 GMT

GET
H2 200 block.css
gekka-no-kasumi.com/wp-content/plugins/liquid-speech-balloon/css/ 6 KB
1 KB 332ms
324ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/liquid-speech-balloon/css/block.css?ver=6.4.2&fver=20230412060200
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 16ae355a44618e8930477d56bffb4b03b27811ac47cf025a03b88392772b8fd5

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:44 GMT
content-encoding: br
last-modified: Wed, 12 Apr 2023 06:02:00 GMT
server: nginx
etag: W/"19db-5f91d58b1145a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:44 GMT

GET
H2 200 menu-image.css
gekka-no-kasumi.com/wp-content/plugins/menu-image/includes/css/ 3 KB
1 KB 329ms
322ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/menu-image/includes/css/menu-image.css?ver=3.0.8&fver=20221019032724
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 75db663f63c3505c2d1d2c41b82da41465bcd39b390516728f7fd323f95f644e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:44 GMT
content-encoding: br
last-modified: Wed, 19 Oct 2022 03:27:24 GMT
server: nginx
etag: W/"d0f-5eb5ac99195e8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:44 GMT

GET
H2 200 dashicons.min.css
gekka-no-kasumi.com/wp-includes/css/ 58 KB
35 KB 335ms
327ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-includes/css/dashicons.min.css?ver=6.4.2&fver=20210520124119
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:44 GMT
content-encoding: br
last-modified: Thu, 20 May 2021 00:41:19 GMT
server: nginx
etag: W/"e688-5c2b8339929c0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:44 GMT

GET
H2 200 styles.css
gekka-no-kasumi.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 330ms
323ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.3&fver=20230208104526
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:44 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:26 GMT
server: nginx
etag: W/"af3-5f4380538632e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:44 GMT

GET
H2 200 style-index.css
gekka-no-kasumi.com/wp-content/plugins/flexible-table-block/build/ 2 KB
560 B 331ms
324ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/flexible-table-block/build/style-index.css?ver=1666533034&fver=20221023015034
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 372fa4b0f21bf643d55f67f3fa831cc7ab480b91cd11fcc850ebb44cc490b93e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:44 GMT
content-encoding: br
last-modified: Sun, 23 Oct 2022 13:50:34 GMT
server: nginx
etag: W/"792-5ebb3f58e6255"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:44 GMT

GET
H2 200 widget-options.css
gekka-no-kasumi.com/wp-content/plugins/widget-options/assets/css/ 2 KB
509 B 336ms
329ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/widget-options/assets/css/widget-options.css?fver=20230208104612
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 20f10af39ce515ef6555b1214483b829e36e457908bd93a55b1d4837ac852a40

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:44 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:46:12 GMT
server: nginx
etag: W/"671-5f43807fdbdb7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:44 GMT

GET
H2 200 wpsm-style.css
gekka-no-kasumi.com/wp-content/plugins/wp-show-more/ 407 B
592 B 335ms
329ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/wp-show-more/wpsm-style.css?ver=6.4.2&fver=20220909081527
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 70a01c74e416d55d22922317d3aad135253a47e1042c1441d3867ddf3f13b0c0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:44 GMT
last-modified: Fri, 09 Sep 2022 20:15:27 GMT
server: nginx
etag: "197-5e84434eec3f9"
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 407
expires: Sun, 17 Dec 2023 20:16:44 GMT

GET
H2 200 slick.css
gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/ 1 KB
736 B 331ms
325ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/slick.css?ver=3.1.4&fver=20230208104619
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 82dfce8760ca230bb796f728f5444cec9f3611c94bfe33298cad70aa524e0eb2

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:44 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:46:19 GMT
server: nginx
etag: W/"591-5f438085d9112"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:44 GMT

GET
H2 200 wpsisac-public.css
gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/ 13 KB
2 KB 334ms
328ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/wpsisac-public.css?ver=3.1.4&fver=20230208104619
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 07463065874649f8f8795c60019f59f5f4912c4ebbadda4902be5e6d8fcb074f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:44 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:46:19 GMT
server: nginx
etag: W/"326b-5f438085d9112"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:44 GMT

GET
H2 200 style.css
gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/ 9 KB
3 KB 666ms
660ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/style.css?ver=202312102016&fver=20221019014757
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 59c17570d4f97bcc025b337acf5bc8d348e7f56796913806292a41da82b30f25

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Wed, 19 Oct 2022 01:47:57 GMT
server: nginx
etag: W/"24ae-5eb5965e95a2a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 style.css
gekka-no-kasumi.com/wp-content/themes/cocoon-master/ 214 KB
41 KB 673ms
667ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/style.css?ver=6.4.2&fver=20221018122551
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: cdbcb41557b2860c3e955d41f5a14ec5f5e7fcff150d5a5a3583a0283400dbe1

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: W/"3564c-5eb44226f1d3e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 keyframes.css
gekka-no-kasumi.com/wp-content/themes/cocoon-master/ 292 B
477 B 667ms
661ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/keyframes.css?ver=6.4.2&fver=20221018122551
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: d04b1faa2da8b85f4f650a0ed3645bb5aee8b8faa5ce054de1115b315059ad68

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: "124-5eb44226f1d3e"
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 292
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 font-awesome.min.css
gekka-no-kasumi.com/wp-content/themes/cocoon-master/webfonts/fontawesome/css/ 30 KB
7 KB 661ms
655ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/webfonts/fontawesome/css/font-awesome.min.css?ver=6.4.2&fver=20221018122551
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: W/"792a-5eb44226bf0bf"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 style.css
gekka-no-kasumi.com/wp-content/themes/cocoon-master/webfonts/icomoon/ 3 KB
928 B 672ms
666ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/webfonts/icomoon/style.css?ver=6.4.2&fver=20221018122551
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: f6956c081898cba209f04bf3a248390c30564a1042f500d1152ecb50429acbce

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: W/"add-5eb44226f1d3e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 baguetteBox.min.css
gekka-no-kasumi.com/wp-content/themes/cocoon-master/plugins/baguettebox/dist/ 4 KB
1 KB 670ms
665ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/plugins/baguettebox/dist/baguetteBox.min.css?ver=6.4.2&fver=20221018122551
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 70b31859862eb4792df8aa4daa383b355918490f84d956eb5ec12f3aa53b98bd

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: W/"e19-5eb44226a79c0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 style.css
gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/ 9 KB
3 KB 673ms
669ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/style.css?ver=6.4.2&fver=20221019014757
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 59c17570d4f97bcc025b337acf5bc8d348e7f56796913806292a41da82b30f25

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Wed, 19 Oct 2022 01:47:57 GMT
server: nginx
etag: W/"24ae-5eb5965e95a2a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 keyframes.css
gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/ 130 B
314 B 670ms
665ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/keyframes.css?ver=6.4.2&fver=20210805040705
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
last-modified: Thu, 05 Aug 2021 04:07:05 GMT
server: nginx
etag: "82-5c8c80d4e9e92"
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 130
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 style.basic.css
gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/css/ 19 KB
4 KB 663ms
658ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.11&fver=20230208104502
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 3854779897861fc0c29a85ce47b8ab3456fa239f0d8484d77e8737ea3abaf738

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:02 GMT
server: nginx
etag: W/"4cae-5f43803ced048"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 style-curvy-black.css
gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/css/ 6 KB
1 KB 672ms
668ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/css/style-curvy-black.css?ver=4.11&fver=20230208104502
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 5c80505133c2b387dbe571c9b908be7e815b86ec57d1cb8de7f1b8212cb0d304

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:02 GMT
server: nginx
etag: W/"1927-5f43803ced048"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
96 KB 230ms
73ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:46:46 GMT
x-content-type-options: nosniff
age: 84598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97163
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 20:46:46 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ 10 KB
4 KB 133ms
49ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1343047
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3550
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-2748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMcwvBMryv3qzUa3u%2FxfRqo6gbxEd27ItVbZ24r4QTYKfvGu9FN2nHtxB3HVDOtwFuCK2CwnIdxSeZU4fV8d9YekJj2o6LzV95i9SLyfZ%2B%2FpYwrGdvdERjFlJlyuqkKmncgWZpi1Nxs8zi3bpRGMZQsR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83382ad74f9456c4-OSL
expires: Fri, 29 Nov 2024 20:16:44 GMT

GET
H/1.1 200
OK xserver.js Show response
webfonts.xserver.jp/js/ 20 KB
8 KB 996ms
319ms Script
application/javascript 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/js/xserver.js?ver=1.2.4
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: b96773c4b9e609994855c2ff9b4463610ee73c5a4a3f11938d88dcc2894d1c16

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 20:16:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Aug 2019 03:18:48 GMT
Server: nginx
ETag: W/"5d522c18-4e15"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 228ms
78ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 20:16:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 20:16:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 20:16:44 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 289ms
136ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6227073263319178&host=ca-host-pub-2644536267352236

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a22eb9b68ecc267209d105c2e37651bfe008b8db88b81f4c001c3d2504b6ae15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gekka-no-kasumi.com/
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52713
x-xss-protection: 0
server: cafe
etag: 14062848108390520272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:16:45 GMT

GET
H2 200 icomoon.woff
gekka-no-kasumi.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/ 13 KB
8 KB 667ms
664ms Font
application/font-woff 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: c54947e67503bb21778d64789ceac992de7249f7cbcfea7dc233e7db5c2a72fa

Request headers

Referer: https://gekka-no-kasumi.com/
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: W/"32c8-5eb44226f1d3e"
vary: Accept-Encoding
content-type: application/font-woff
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 icomoon.ttf
gekka-no-kasumi.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/ 13 KB
8 KB 669ms
666ms Font
application/font-sfnt 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.ttf
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 5bbf0b6502199ad3bfdac4d910b304ad0fd6a07d38f13d386b433829c2b651b3

Request headers

Referer: https://gekka-no-kasumi.com/
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: W/"3278-5eb44226f1d3e"
vary: Accept-Encoding
content-type: application/font-sfnt
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 fontawesome-webfont.woff2
gekka-no-kasumi.com/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/ 75 KB
76 KB 670ms
667ms Font
application/octet-stream 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://gekka-no-kasumi.com/
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: "12d68-5eb44226bf0bf"
content-type: application/octet-stream
cache-control: max-age=604800
accept-ranges: bytes
content-length: 77160
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2

200

loader.js Show response
lds-img.finalfantasyxiv.com/pc/global/js/eorzeadb/
Redirect Chain

https://img.finalfantasyxiv.com/lds/pc/global/js/eorzeadb/loader.js?v2
https://lds-img.finalfantasyxiv.com/pc/global/js/eorzeadb/loader.js?v2

2 KB
1 KB

259ms
82ms

Script
text/javascript

52.222.236.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lds-img.finalfantasyxiv.com/pc/global/js/eorzeadb/loader.js?v2
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Server: 52.222.236.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 61fd9f7b7f48caa12170ed562a9d00b948b26a6381550005ba6b3f75e26616f4

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:01:54 GMT
content-encoding: br
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
last-modified: Mon, 23 Oct 2023 07:10:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 40498
x-amz-server-side-encryption: AES256
etag: W/"80f6f8e7417a3a48d4323fd43ede72a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 0UGUXYpCoQtVE9iwt5UelkpI6OW9LkGiJO-tAbJNLSQWRMduBvGTYQ==

Redirect headers

location: https://lds-img.finalfantasyxiv.com/pc/global/js/eorzeadb/loader.js?v2
date: Sun, 10 Dec 2023 20:16:44 GMT
server: nginx
content-length: 178
content-type: text/html

GET
H2 200 %E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E_%E7%99%BD%E6%96%87%E5%AD%97.png
gekka-no-kasumi.com/wp-content/uploads/2021/08/ 30 KB
30 KB 671ms
669ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E_%E7%99%BD%E6%96%87%E5%AD%97.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 807b626980aa2f6b984a501a2cb507da8973736f4cf71fd356c28087dc55aa29

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
last-modified: Sun, 15 Aug 2021 03:05:32 GMT
server: nginx
etag: "774e-5c9905b9884c5"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 30542
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 DRKp6s.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 915 KB
916 KB 670ms
668ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRKp6s.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 3d4c84c1644ec2fcf6e59cf9b576e2be1aeddd8011de89fd0427a0ef2315a694

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
last-modified: Sun, 23 Oct 2022 09:28:38 GMT
server: nginx
etag: "e4bb0-5ebb04cc39563"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 936880
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 DRKp5s.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 914 KB
915 KB 649ms
643ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRKp5s.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 3366c9a13a670b1f53202a99d7fa0de311822a2d58bb05a06fcf273e5a99b2fc

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
last-modified: Sat, 22 Oct 2022 19:41:23 GMT
server: nginx
etag: "e4674-5eba4be4a3441"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 935540
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 DRK1.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 911 KB
913 KB 871ms
857ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRK1.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: c364cef4508d2a28e0bd8117ee3f512101e91bd7f8c784514fc277bb4615e13e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
last-modified: Thu, 13 Oct 2022 02:58:04 GMT
server: nginx
etag: "e3d70-5eae1ad9032fd"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 933232
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 DRK2.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 962 KB
963 KB 871ms
857ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRK2.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 03c8a2ac1af4021e48cd150019936388ef7179090ca15635b6e68a001013af69

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
last-modified: Thu, 13 Oct 2022 02:58:10 GMT
server: nginx
etag: "f080b-5eae1adef1bc9"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 985099
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 GNB1.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 869 KB
870 KB 930ms
920ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/GNB1.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 80f72478bff029d379adc18094e8c2e05a903f9df33cc3cf4b6b20c8a2011cc0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Thu, 13 Oct 2022 02:58:16 GMT
server: nginx
etag: "d94ec-5eae1ae4df4f6"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 890092
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 NIN1.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 957 KB
958 KB 1187ms
1178ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/NIN1.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: ef189bf0e502073d3becc0c5f09692d014539f680f7326859d1a719f2a9b1b59

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Thu, 13 Oct 2022 02:58:30 GMT
server: nginx
etag: "ef3df-5eae1af2b1629"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 979935
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 NIN2.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 1 MB
1 MB 1186ms
1177ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/NIN2.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: a9db2e1b815a1de1440efcca7a74f60252c315da44774ebf78d29440e05a6c25

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Sat, 15 Oct 2022 12:41:27 GMT
server: nginx
etag: "132d9e-5eb120fa1f086"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1256862
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 MNK1.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 754 KB
755 KB 1186ms
1177ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/MNK1.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 68786a0d96efc556026d729da8463f547ec0da396866b2ad0260d503fb17b5e1

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Thu, 13 Oct 2022 02:58:23 GMT
server: nginx
etag: "bc8c4-5eae1aebedf1f"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 772292
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 DRG1.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 883 KB
885 KB 1188ms
1180ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRG1.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: c2ca44748573300c502d74ce68e4ab57ff952e496d0327a1a48040cade4784ba

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Thu, 13 Oct 2022 02:57:55 GMT
server: nginx
etag: "dcd8d-5eae1ad15a415"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 904589
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 SAM1.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 879 KB
880 KB 1187ms
1178ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/SAM1.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 56a76001e47f0b1f5e421956fef054f349943e793501faad19dc63429395e425

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Thu, 13 Oct 2022 02:58:56 GMT
server: nginx
etag: "dbc4c-5eae1b0b41737"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 900172
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 SAM2.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 1005 KB
1006 KB 1188ms
1179ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/SAM2.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: ac3ffb71b2f89868c908d62364b8512502aa9b8ff6f12eb192f510ad9b349330

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Thu, 13 Oct 2022 02:59:03 GMT
server: nginx
etag: "fb479-5eae1b1232c9f"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1029241
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 RPR1.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 916 KB
917 KB 1183ms
1175ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/RPR1.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: abd30ce315ff361f1b9ec565aabe8b8057c3ee5b1e7df5378c8eddce38f4f430

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Thu, 13 Oct 2022 02:58:43 GMT
server: nginx
etag: "e4fdb-5eae1afec81a0"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 937947
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 RPR2.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 770 KB
771 KB 1182ms
1174ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/RPR2.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 1b2b9e59887c17ed0a61af10a7d94cd8d7856e7d3780a0f71a7f09ef31a86d76

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Thu, 13 Oct 2022 02:58:49 GMT
server: nginx
etag: "c08e2-5eae1b043d8ee"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 788706
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 %E5%85%A8%E8%88%AC.png
gekka-no-kasumi.com/wp-content/uploads/2022/01/ 199 KB
199 KB 1187ms
1179ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/01/%E5%85%A8%E8%88%AC.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 01dceac7a8797dcddad1b2a00bf41e977e8418b003022416e10d0de696775718

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Wed, 19 Jan 2022 01:42:09 GMT
server: nginx
etag: "31b19-5d5e57e728aea"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 203545
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 270ms
119ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6227073263319178

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8bf738eb3962036e3b131260550f452f292a6d392993f3c05c2f438829d0b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gekka-no-kasumi.com/
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52718
x-xss-protection: 0
server: cafe
etag: 9264124449180208474
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:16:45 GMT

GET
H2

200

614a4QtULnL._SL160_.jpg
m.media-amazon.com/images/I/
Redirect Chain

https://ws-fe.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B071WK62JG&Format=_SL160_&ID=AsinImage&MarketPlace=JP&ServiceVersion=20070822&WS=1&tag=harukasetsuna-22&language=ja_JP
https://m.media-amazon.com/images/I/614a4QtULnL._SL160_.jpg

9 KB
10 KB

250ms
80ms

Image
image/jpeg

2600:9000:2490:ae00:1d:d7f6:39d3:7a61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/614a4QtULnL._SL160_.jpg
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Server: 2600:9000:2490:ae00:1d:d7f6:39d3:7a61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: bb902f8c758e42501777d1f999bf1f6954bfc6b1729c5f748a85ceb0a1e5418c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 11:38:08 GMT
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
age: 359256
x-amz-cf-pop: FRA56-P6
edge-cache-tag: x-cache-192,/images/I/614a4QtULnL
x-nginx-cache-status: HIT
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
content-length: 9698
surrogate-key: x-cache-192 /images/I/614a4QtULnL
last-modified: Tue, 06 Jun 2017 10:42:51 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 19b3ab7a-12ab-47d0-adf3-fb3d565a3b52
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: yOLex8700RCq2Y3S0boev4gR6qygBSDwlL-R3VoZ-OulA4QdpjFxgA==
expires: Sun, 04 Oct 2043 11:38:08 GMT

Redirect headers

Location: https://m.media-amazon.com/images/I/614a4QtULnL._SL160_.jpg
Date: Sun, 10 Dec 2023 20:16:46 GMT
Server: Server
Connection: close
Content-Length: 0
Vary: User-Agent

GET ir
ir-jp.amazon-adsystem.com/e/ 0
0

GET
H2

200

51NYmNrZkpL._SL160_.jpg
m.media-amazon.com/images/I/
Redirect Chain

https://ws-fe.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=4757579004&Format=_SL160_&ID=AsinImage&MarketPlace=JP&ServiceVersion=20070822&WS=1&tag=harukasetsuna-22&language=ja_JP
https://m.media-amazon.com/images/I/51NYmNrZkpL._SL160_.jpg

8 KB
9 KB

265ms
165ms

Image
image/jpeg

2600:9000:2490:ae00:1d:d7f6:39d3:7a61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51NYmNrZkpL._SL160_.jpg
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Server: 2600:9000:2490:ae00:1d:d7f6:39d3:7a61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 4f5be18bfb9a65abec19d2ab187a3d5008b55d193811fa5557a19ba2247d0b33

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 22:46:39 GMT
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
age: 108779
x-amz-cf-pop: FRA56-P6
edge-cache-tag: x-cache-934,/images/I/51NYmNrZkpL
x-nginx-cache-status: HIT
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
content-length: 8560
surrogate-key: x-cache-934 /images/I/51NYmNrZkpL
last-modified: Fri, 01 Apr 2022 04:48:07 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 82296126-bd86-4893-bfd0-7f9c2c9d4590
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: jY0ayq8gi07xJxJ5-1ahj9MPTUBPL15IBvtTYkDomxBzrnwyyV_RKQ==
expires: Sun, 11 Oct 2043 22:46:39 GMT

Redirect headers

Location: https://m.media-amazon.com/images/I/51NYmNrZkpL._SL160_.jpg
Date: Sun, 10 Dec 2023 20:16:46 GMT
Server: Server
Connection: close
Content-Length: 0
Vary: User-Agent

GET ir
ir-jp.amazon-adsystem.com/e/ 0
0

GET
H2

200

51xfeW6odlL._SL160_.jpg
m.media-amazon.com/images/I/
Redirect Chain

https://ws-fe.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B08W3SL6T7&Format=_SL160_&ID=AsinImage&MarketPlace=JP&ServiceVersion=20070822&WS=1&tag=harukasetsuna-22&language=ja_JP
https://m.media-amazon.com/images/I/51xfeW6odlL._SL160_.jpg

7 KB
8 KB

155ms
73ms

Image
image/jpeg

2600:9000:2490:ae00:1d:d7f6:39d3:7a61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51xfeW6odlL._SL160_.jpg
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Server: 2600:9000:2490:ae00:1d:d7f6:39d3:7a61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 5d76ce57e286c2eee0fdaf6fd10764d93d24f25c1cd2f65b026985cab4fff419

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:15:24 GMT
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
age: 108779
x-amz-cf-pop: FRA56-P6
edge-cache-tag: x-cache-102,/images/I/51xfeW6odlL
x-nginx-cache-status: HIT
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
content-length: 7188
surrogate-key: x-cache-102 /images/I/51xfeW6odlL
last-modified: Sun, 07 Feb 2021 00:20:46 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 3e48a3d7-4407-4b2f-a2d3-81c906bfc736
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: wyYyGgwDpN_WwCBAQWx5INFdAfr_kYh5LuXl9iSDuCjyHAATac9SJQ==
expires: Sat, 28 Nov 2043 16:15:24 GMT

Redirect headers

Location: https://m.media-amazon.com/images/I/51xfeW6odlL._SL160_.jpg
Date: Sun, 10 Dec 2023 20:16:46 GMT
Server: Server
Connection: close
Content-Length: 0
Vary: User-Agent

GET ir
ir-jp.amazon-adsystem.com/e/ 0
0

GET
H2

200

51f2c2L07QL._SL160_.jpg
m.media-amazon.com/images/I/
Redirect Chain

https://ws-fe.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B09SG3RW69&Format=_SL160_&ID=AsinImage&MarketPlace=JP&ServiceVersion=20070822&WS=1&tag=harukasetsuna-22&language=ja_JP
https://m.media-amazon.com/images/I/51f2c2L07QL._SL160_.jpg

6 KB
7 KB

76ms
76ms

Image
image/jpeg

2600:9000:2490:ae00:1d:d7f6:39d3:7a61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51f2c2L07QL._SL160_.jpg
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Server: 2600:9000:2490:ae00:1d:d7f6:39d3:7a61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: b182ce9818749272518c3638442485626394afd6ac6cc38ff7a2f882c3253373

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 08:46:06 GMT
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
age: 264908
x-amz-cf-pop: FRA56-P6
edge-cache-tag: x-cache-957,/images/I/51f2c2L07QL
x-nginx-cache-status: HIT
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
content-length: 6635
surrogate-key: x-cache-957 /images/I/51f2c2L07QL
last-modified: Mon, 14 Feb 2022 08:33:32 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 8702e365-368f-4bd6-b11a-9a49db639172
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: zvR9f6DkxtvWJhqaG2F1akaAq0L0jI1tgtWzNBmrzPQCJ3xXrBbAKw==
expires: Wed, 28 Oct 2043 08:46:06 GMT

Redirect headers

Location: https://m.media-amazon.com/images/I/51f2c2L07QL._SL160_.jpg
Date: Sun, 10 Dec 2023 20:16:46 GMT
Server: Server
Connection: close
Content-Length: 0
Vary: User-Agent

GET ir
ir-jp.amazon-adsystem.com/e/ 0
0

GET
H/1.1 200
OK bgt
www22.a8.net/svt/ 121 KB
121 KB 1222ms
304ms Image
image/gif 3.112.186.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www22.a8.net/svt/bgt?aid=220429592208&wid=001&eno=01&mid=s00000020625003009000&mc=1
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.112.186.112 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-112-186-112.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 9f0f8495b6aa810aa13618bb9c1f22d7212e887024ab5381671be8f0619f6832

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 20:16:47 GMT
Server: Apache
Connection: keep-alive
Content-Length: 123778
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www17.a8.net/ 43 B
184 B 1139ms
283ms Image
image/gif 3.112.186.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www17.a8.net/0.gif?a8mat=3N8KK8+3FU6LU+4F56+HWXLD
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.112.186.112 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-112-186-112.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 20:16:46 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 113 KB
44 KB 94ms
88ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P87VKPQ

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

12a391d5a481e671c153303324be8365250683fba215b1bc3800152bd27d62f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44430
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Dec 2023 20:16:45 GMT

GET
H/1.1 200
OK br_c_1412_1.gif
blog.with2.net/img/banner/c/banner_1/ 2 KB
3 KB 483ms
331ms Image
image/gif 153.120.49.87
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.with2.net/img/banner/c/banner_1/br_c_1412_1.gif
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 153.120.49.87 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www33.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5cbbd4c70dd9505c880c33a1d33ec9996531d00cdd6a80786446d44d1c34b2fa

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 20:16:47 GMT
Last-Modified: Fri, 25 Dec 2009 07:32:04 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "d2035d-93c-47b888d588500"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 2364

GET
H/1.1 200
OK br_c_5457_1.gif
blog.with2.net/img/banner/c/banner_1/ 3 KB
4 KB 808ms
332ms Image
image/gif 153.120.49.87
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.with2.net/img/banner/c/banner_1/br_c_5457_1.gif
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 153.120.49.87 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www33.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 742defd20336d8ac878b62e675d77e1d1f723bc5b71c9278cc5b98de626e1f65

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 20:16:47 GMT
Last-Modified: Tue, 13 Oct 2020 05:16:43 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "d23884-d49-5b186854244c0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 3401

GET
H/1.1 200
OK / Show response
blog.with2.net/parts/2.0/ 104 KB
37 KB 1453ms
355ms Script
text/javascript 153.120.49.87
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.with2.net/parts/2.0/?id=2078227:vG0wQVSZtgY&c=fireworks
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 153.120.49.87 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www33.with2.net
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7bfdab3639f65de3a7ee3739e6fe2fd8d7caafd7c84d81d59aee168127149ff7

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 20:16:46 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript; charset=euc-jp
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 37117

GET
H2 200 NIN1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 276 KB
276 KB 1181ms
1175ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/NIN1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 16c882993a940c7402192bffff614fdbd22968efca99bac650063e7acc4dfa1b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Thu, 13 Oct 2022 08:29:35 GMT
server: nginx
etag: "44f11-5eae64f2d7cba"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 282385
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 MNK1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 207 KB
207 KB 1182ms
1176ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/MNK1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 297c0d7825ebb6743ab5898c1f7c12c459c975cc8999eae82c0e62bab5f45b74

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Thu, 13 Oct 2022 08:29:49 GMT
server: nginx
etag: "33abb-5eae6500732ca"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 211643
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 DRG1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 261 KB
261 KB 1183ms
1178ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRG1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 1b92d601922abf7afc05dc7c5840db3d92ccce7e0f2c2cd0394c7542867e9407

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Thu, 13 Oct 2022 08:29:56 GMT
server: nginx
etag: "413f3-5eae6506ade45"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 267251
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 SAM1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 244 KB
244 KB 1181ms
1176ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/SAM1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 695e0b318a3127cd115b3fcc46944461c1545157479c1d01feb0d0c58f904149

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Thu, 13 Oct 2022 08:30:05 GMT
server: nginx
etag: "3cf57-5eae650fff9ef"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 249687
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 RPR1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 250 KB
251 KB 1183ms
1179ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/RPR1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 3178bb1690f47a0d14c672e294c63adde0592e2afc80d46c8fcd72206ee09d5d

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Thu, 13 Oct 2022 08:30:13 GMT
server: nginx
etag: "3e9d7-5eae65175e543"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 256471
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 DRK1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 245 KB
245 KB 1185ms
1180ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRK1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: e98b27d59723cdf19cb87b69322d9b4aa0c9a4eb3402cf8944ea94a3e082de3e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Thu, 13 Oct 2022 08:30:21 GMT
server: nginx
etag: "3d291-5eae651e9adb9"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 250513
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 GNB1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 213 KB
213 KB 1181ms
1177ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/GNB1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: ed3c5bf39d8a53722d045a9d7688bc17e6940df622fafcd0651baf6bac741636

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Thu, 13 Oct 2022 08:30:29 GMT
server: nginx
etag: "352cc-5eae6526c4b09"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 217804
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 nivo-slider.css
gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/ 2 KB
1 KB 869ms
855ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/nivo-slider.css?ver=3.28.3&fver=20230208104554
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: a330a0196da3072001cf3494d57e3ae7bd7ed26db7214a24e9f7488d2e7e9d54

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:54 GMT
server: nginx
etag: W/"80a-5f43806e5b5e8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 public.css
gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/metaslider/ 7 KB
2 KB 874ms
861ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.28.3&fver=20230208104554
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: f17f72445932b16d39475b09b03d9baec8cebb7ad60ac74f3bbed56e3cdc7e46

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:54 GMT
server: nginx
etag: W/"1a29-5f43806e5a648"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 default.css
gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/ 2 KB
888 B 868ms
855ms Stylesheet
text/css 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/default.css?ver=3.28.3&fver=20230208104554
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: b5da7316f6aba1d9e5d7a912dd6d381311efb8959a35e108416d570c8745fbab

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:54 GMT
server: nginx
etag: W/"7ba-5f43806e5b5e8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 index.js Show response
gekka-no-kasumi.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 872ms
859ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3&fver=20230208104526
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:26 GMT
server: nginx
etag: W/"2945-5f438053872ce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 index.js Show response
gekka-no-kasumi.com/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 871ms
859ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3&fver=20230208104526
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: af0f96462799a9eccfa6c5a30819ea991f9c0c4eddaa2984a638dc473c03ce2f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:26 GMT
server: nginx
etag: W/"31d9-5f438053872ce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 wpsm-script.js Show response
gekka-no-kasumi.com/wp-content/plugins/wp-show-more/ 531 B
726 B 871ms
858ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/wp-show-more/wpsm-script.js?ver=1.0.1&fver=20220909081527
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 07ed98a3b2e3e5f1d3c8f5feb13211b469f30dd6aba8274652a10aeea3c44c7f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
last-modified: Fri, 09 Sep 2022 20:15:27 GMT
server: nginx
etag: "213-5e84434eec3f9"
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 531
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 baguetteBox.min.js Show response
gekka-no-kasumi.com/wp-content/themes/cocoon-master/plugins/baguettebox/dist/ 9 KB
4 KB 873ms
860ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/plugins/baguettebox/dist/baguetteBox.min.js?ver=6.4.2&fver=20221018122551
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 50b415d35552f4b088d9e3e92ec9a46be5b499ac05a44034aedc677b3523e00e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: W/"2569-5eb44226a79c0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 stickyfill.min.js Show response
gekka-no-kasumi.com/wp-content/themes/cocoon-master/plugins/stickyfill/dist/ 6 KB
2 KB 868ms
856ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/plugins/stickyfill/dist/stickyfill.min.js?ver=6.4.2&fver=20221018122551
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: ea6b03f54820c7ce3aa1378f599c83a4a07fad0d58667c98c586af1119a186d0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: W/"17fb-5eb44226ac7e0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 comment-reply.min.js Show response
gekka-no-kasumi.com/wp-includes/js/ 3 KB
2 KB 1180ms
1176ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-includes/js/comment-reply.min.js?ver=6.4.2&fver=20220525060239
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
content-encoding: br
last-modified: Wed, 25 May 2022 06:02:39 GMT
server: nginx
etag: W/"ba5-5dfcfd215587f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 javascript.js Show response
gekka-no-kasumi.com/wp-content/themes/cocoon-master/ 7 KB
3 KB 869ms
857ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/javascript.js?ver=6.4.2&fver=20221018122551
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: ad163f38e07adcf5b324e9ff12bf50beb763539dfaba69278f141bb14144b39a

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 00:25:51 GMT
server: nginx
etag: W/"1b0e-5eb44226f1d3e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 javascript.js Show response
gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/ 298 B
493 B 871ms
859ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/javascript.js?ver=6.4.2&fver=20210805040705
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
last-modified: Thu, 05 Aug 2021 04:07:05 GMT
server: nginx
etag: "12a-5c8c80d4e9e92"
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 298
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 asl-prereq.js Show response
gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 20 KB
7 KB 872ms
861ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-prereq.js?ver=4756&fver=20230208104502
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: dab69af700e302b9d41e9267aeff95d778fe26e000f4038b7b07cc1e3c87034e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:02 GMT
server: nginx
etag: W/"4e74-5f43803cf0ec8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 asl-core.js Show response
gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 39 KB
11 KB 870ms
859ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-core.js?ver=4756&fver=20230208104502
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 8bebf0d4ddf01b1b36bc61508a9f49506b4470bd9b43155c925cff5bf5aa25a9

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:02 GMT
server: nginx
etag: W/"9b34-5f43803cf0ec8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 asl-settings.js Show response
gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 5 KB
2 KB 867ms
856ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-settings.js?ver=4756&fver=20230208104502
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 62d488ea36e8a9825f058050d92c778e9734e929f4c68289f884c4f980d93b2e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:02 GMT
server: nginx
etag: W/"15db-5f43803cf0ec8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 asl-results-vertical.js Show response
gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 1 KB
849 B 871ms
860ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-results-vertical.js?ver=4756&fver=20230208104502
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 45ae39b83ce75a8dbf0febf1e5b630fc54a713039ccfad6b46238212a1b858a9

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:02 GMT
server: nginx
etag: W/"566-5f43803cf0ec8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 asl-load.js Show response
gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 71 B
264 B 869ms
858ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-load.js?ver=4756&fver=20230208104502
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 1771aad88d0164b8f869d097851c94cc83d1a837f12fe8de39d0f309fe45f33c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
last-modified: Wed, 08 Feb 2023 22:45:02 GMT
server: nginx
etag: "47-5f43803cf0ec8"
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 71
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 asl-wrapper.js Show response
gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 5 KB
2 KB 868ms
858ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-wrapper.js?ver=4756&fver=20230208104502
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: a0fadfcb29de9d60aa0ef729fca932b7c31910e4a096864010157b123ec9f4d7

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:02 GMT
server: nginx
etag: W/"13c9-5f43803cf0ec8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 slick.min.js Show response
gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/js/ 40 KB
11 KB 866ms
856ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/js/slick.min.js?ver=3.1.4&fver=20230208104619
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 1baae8e47e441abac03b5be86bc0c92464fd273e6025d80ddc6b1827bd36af92

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:46:19 GMT
server: nginx
etag: W/"a06d-5f438085da0b2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 wpsisac-public.js Show response
gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/js/ 11 KB
2 KB 871ms
861ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/js/wpsisac-public.js?ver=3.1.4&fver=20230208104619
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: f563642e7589abf892c5e8d0919e5dbd1d837509ed160f364d4cc7d18998dffe

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:46:19 GMT
server: nginx
etag: W/"2ae9-5f438085da0b2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 jquery.nivo.slider.pack.js Show response
gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/ 12 KB
3 KB 870ms
860ms Script
application/javascript 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/jquery.nivo.slider.pack.js?ver=3.28.3&fver=20230208104554
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 702706bb34de6eeddcb094ef47f54f7e27a4c1990e205aa66c533a8482ed9d85

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 22:45:54 GMT
server: nginx
etag: W/"2edc-5f43806e5b5e8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:45 GMT

GET
H2 200 clipboard.min.js Show response
cdn.jsdelivr.net/clipboard.js/1.5.13/ 10 KB
4 KB 140ms
47ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clipboard.js/1.5.13/clipboard.min.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fac02a96e87d9afaa0ccb933490c281386d6f3b3971e419c747fd6e1f5875e1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 195961
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220116-FRA, cache-bma1622-BMA
server: cloudflare
etag: W/"29b8-SfrX8LNZaoGlcNmIEvoJIzsobb4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eivnqa3ji9lDY9p3AdnZrrcageuxOu0yjA4eRS629Xar8gZGLKkq23zu9EwiOTKNvLGRNtsDY98YN%2BRrXiWfsgKEjTLkADf1ckzOiPO%2BqZnNzOOHa3zBia5MktY6zUkqiGdq5ihhmV18p%2FgOmVk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83382adddd2b0b49-OSL

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 120ms
116ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FPC3XEC025&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-214735621-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

677f16abe5b4b304b00dfac39f98b1fcbfde271ca22ffb3099fd0cc6bf80a524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81732
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 20:16:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 229ms
75ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-214735621-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 10 Dec 2023 19:22:30 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3257
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 10 Dec 2023 21:22:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
84 KB 107ms
103ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-561MLEJ5LJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-214735621-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a4a297be9e07aa9382d21796dbb404206b5b56a98eb916cee2fc9dca18d43529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 20:16:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 112ms
108ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-214735621-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-561MLEJ5LJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6191255f831d1bce275c2b2480bacc8042c70d6e3ba24279f18e53235b54c62b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68981
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Dec 2023 20:16:45 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 160ms
56ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-561MLEJ5LJ&gtm=45je3bt0v881561445&_p=1702239404606&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1328873783.1702239405&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702239405&sct=1&seg=0&dl=https%3A%2F%2Fgekka-no-kasumi.com%2F&dt=%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4484
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-561MLEJ5LJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gekka-no-kasumi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK checkdigit Show response
webfonts.xserver.jp/advance/ref/ja/107/ 1 B
314 B 945ms
314ms XHR
text/plain 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/advance/ref/ja/107/checkdigit?K18MUcZzRRA%3D
Requested by: Host: webfonts.xserver.jp
URL: https://webfonts.xserver.jp/js/xserver.js?ver=1.2.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://gekka-no-kasumi.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: cache
Date: Sun, 10 Dec 2023 20:16:46 GMT
Server: nginx
ETag: "typesquare-use-cache"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Content-Type: text/plain;;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=8640000
Connection: keep-alive

GET
H2 200 version.js Show response
lds-img.finalfantasyxiv.com/pc/global/js/eorzeadb/ 126 B
504 B 83ms
80ms Script
text/javascript 52.222.236.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lds-img.finalfantasyxiv.com/pc/global/js/eorzeadb/version.js?1702239360
Requested by: Host: img.finalfantasyxiv.com
URL: https://img.finalfantasyxiv.com/lds/pc/global/js/eorzeadb/loader.js?v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc4a3abaab97dbcd71253b20c906c1d63a3299a41f1ea3363e909ed143b2af42

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:01 GMT
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 09:44:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 45
etag: "87b8e331b04a12cbdfb334da0403d30b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 126
x-amz-cf-id: soGi67fkPpFywmowLsTRI5C3Wq4pjGFt_m3As_xT_OE4cs_x14KrDw==

GET
H2 200 %E9%9C%9E%E6%9F%84%E8%A9%A6%E4%BD%9C5.png
gekka-no-kasumi.com/wp-content/uploads/2021/08/ 356 KB
356 KB 1183ms
1180ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E9%9C%9E%E6%9F%84%E8%A9%A6%E4%BD%9C5.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: c21dc968819eab15345ca6f57d18f258e4d54479aeb570d07b03daaf731c311c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Sun, 15 Aug 2021 03:52:22 GMT
server: nginx
etag: "58ea7-5c991030e5a4b"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 364199
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 %E3%83%98%E3%83%83%E3%83%80%E3%83%BC%E8%83%8C%E6%99%AF%E8%A9%A6%E4%BD%9C5.png
gekka-no-kasumi.com/wp-content/uploads/2021/08/ 279 KB
279 KB 1178ms
1175ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E3%83%98%E3%83%83%E3%83%80%E3%83%BC%E8%83%8C%E6%99%AF%E8%A9%A6%E4%BD%9C5.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: aa4ce1879084683ab392c6268fa0f034572ed9e9c22b5db9bf3ee142ac8dfaa8

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Sun, 15 Aug 2021 06:20:02 GMT
server: nginx
etag: "45ade-5c99313237391"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 285406
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 access.php
gekka-no-kasumi.com/wp-content/themes/cocoon-master/lib/analytics/ 0
79 B 1184ms
1182ms Image
text/html 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-master/lib/analytics/access.php?post_id=927&post_type=page
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
server: nginx
accept-ranges: bytes
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 icomoon.ttf
gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/fonts/ 17 KB
12 KB 1181ms
1179ms Font
application/font-sfnt 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/fonts/icomoon.ttf?ov1gtr
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/style.css?ver=202312102016&fver=20221019014757
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 36664f6529c5d8217af1fb3b55daaf23489bab6e97e7960e4a52495f41272036

Request headers

Referer: https://gekka-no-kasumi.com/wp-content/themes/cocoon-child-master/style.css?ver=202312102016&fver=20221019014757
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
content-encoding: br
last-modified: Wed, 20 Apr 2022 18:02:35 GMT
server: nginx
etag: W/"4570-5dd19cc4dd7c4"
vary: Accept-Encoding
content-type: application/font-sfnt
cache-control: max-age=604800
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 004-2_maru.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 318 KB
318 KB 1154ms
1154ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/004-2_maru.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 18ec62a7cf6e9f6bc62d924850886f6c65cc108e32d077d57a6ab591ecacf156

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Sat, 22 Oct 2022 17:35:34 GMT
server: nginx
etag: "4f72f-5eba2fc5932ad"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 325423
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 18 KB
19 KB 225ms
72ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 09:47:47 GMT
x-content-type-options: nosniff
age: 124138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:36:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 09:47:47 GMT

GET
H2 200 DRKskillrotation-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 300 KB
301 KB 1125ms
1123ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRKskillrotation-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: c9fefa23da3533747fdfe64cd273aba048ebb8a96fcf5d7ffc983699097c2c0c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Sat, 22 Oct 2022 20:10:08 GMT
server: nginx
etag: "4b171-5eba525194d66"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 307569
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 DRG%E3%83%9E%E3%82%AF%E3%83%AD-240x135.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 46 KB
47 KB 1125ms
1124ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRG%E3%83%9E%E3%82%AF%E3%83%AD-240x135.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 27d7cbd0f47b3c947ec845d47d830d0393d5c0a9fae65eab6b490c79ff2214b9

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Thu, 13 Oct 2022 04:38:34 GMT
server: nginx
etag: "b91d-5eae314fe50a9"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 47389
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 NIN%E3%83%9E%E3%82%AF%E3%83%AD2-240x135.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 46 KB
46 KB 1125ms
1123ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/NIN%E3%83%9E%E3%82%AF%E3%83%AD2-240x135.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: a945b38123553f00373e1b55e984c4aa642a6416aabe61e9b1810fa0684ed4ff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Thu, 13 Oct 2022 03:41:21 GMT
server: nginx
etag: "b846-5eae2485cd050"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 47174
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 DRKskillrotation-240x135.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 54 KB
55 KB 1123ms
1122ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRKskillrotation-240x135.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: c7e4b214068cce010314ad81890bf22e525883bead39ddb8ca247a84794c3ac1

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Sat, 22 Oct 2022 20:10:07 GMT
server: nginx
etag: "d9ec-5eba5250bdff7"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 55788
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2 200 2022-05-31_20-13-21-812_YukiFairylandGameplay-e1654009844395-160x90.png
gekka-no-kasumi.com/wp-content/uploads/2022/06/ 28 KB
28 KB 1124ms
1123ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/06/2022-05-31_20-13-21-812_YukiFairylandGameplay-e1654009844395-160x90.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: caed392a399c3ab794fc055c3ea59f1a99230f67bf05fdae5f422344c36f771e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Tue, 31 May 2022 15:10:50 GMT
server: nginx
etag: "70b3-5e0502d9969d6"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 28851
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H2

200

faviconV2
t0.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=https://gekka-no-kasumi.com
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://gekka-no-kasumi.com&size=16

317 B
922 B

256ms
89ms

Image
image/png

2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://gekka-no-kasumi.com&size=16

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99a82385c107ac5efac03331fbe9a779a18d14730c2b769027b6669ffd91faa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 317
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 10:23:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://gekka-no-kasumi.com/wp-content/uploads/2021/08/cropped-%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E-%E5%AE%B6%E7%B4%8B-32x32.png
expires: Sun, 17 Dec 2023 20:16:46 GMT

Redirect headers

date: Sun, 10 Dec 2023 20:16:45 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://gekka-no-kasumi.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 340
x-xss-protection: 0
expires: Sun, 10 Dec 2023 20:46:45 GMT

GET
H2 200 QA2-320x180.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 89 KB
89 KB 1123ms
1123ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/QA2-320x180.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 78b89aa4b48f508c7833c2b177c7f16d803f9cbac869771b2434968a5b4454b6

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
last-modified: Thu, 13 Oct 2022 03:40:38 GMT
server: nginx
etag: "1623b-5eae245cd3d0c"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 90683
expires: Sun, 17 Dec 2023 20:16:46 GMT

GET
H3 200 eorzeadb_external.css
lds-img.finalfantasyxiv.com/pc/global/css/ 94 KB
13 KB 68ms
68ms Stylesheet
text/css 52.222.236.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lds-img.finalfantasyxiv.com/pc/global/css/eorzeadb_external.css?dbe72a423fb02b76000bf35b90e29fcb
Requested by: Host: img.finalfantasyxiv.com
URL: https://img.finalfantasyxiv.com/lds/pc/global/js/eorzeadb/loader.js?v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3751104d350d8d0f8e470dee328af04f3756fc00f456da97df1be9ebc05fac6e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:01:54 GMT
content-encoding: br
via: 1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
last-modified: Mon, 23 Oct 2023 07:10:39 GMT
server: AmazonS3
age: 40497
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
etag: W/"dbe72a423fb02b76000bf35b90e29fcb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: hdssBUyiJmh9S-Y2Nawhd0nu-Mi8OuUyVqMPcgAb_Fojb7QUa1s0SQ==

GET
H3 200 main.js Show response
lds-img.finalfantasyxiv.com/pc/global/js/eorzeadb/ 8 KB
2 KB 67ms
66ms Script
text/javascript 52.222.236.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lds-img.finalfantasyxiv.com/pc/global/js/eorzeadb/main.js?e4fe2b78953a2861be0e3b0ada83be70
Requested by: Host: img.finalfantasyxiv.com
URL: https://img.finalfantasyxiv.com/lds/pc/global/js/eorzeadb/loader.js?v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c3b3708dd61923b22cf7fc2af1f7afc2818dc672a72cfe38c032c65929db1bc

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:07:45 GMT
content-encoding: br
via: 1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
last-modified: Mon, 23 Oct 2023 07:10:41 GMT
server: AmazonS3
age: 50248
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
etag: W/"e4fe2b78953a2861be0e3b0ada83be70"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: PoBMdID4WfjxV9UxUu34KFIw6SPm0TcoVPQ9vRmuQTUfmZDEF-_0NQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 90ms
90ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8PC0V2T516&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-214735621-2&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

20cec3a1aa8cc4bbf688918605185230d5ffc725b2c36c155ffeddd2e93417ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81729
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 20:16:45 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 55ms
55ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FPC3XEC025&gtm=45je3bt0v9114174993&_p=1702239404606&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1328873783.1702239405&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1702239405&sct=1&seg=0&dl=https%3A%2F%2Fgekka-no-kasumi.com%2F&dt=%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E&en=page_view&_fv=1&_ss=1&tfd=5278
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FPC3XEC025&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gekka-no-kasumi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 398 KB
135 KB 282ms
142ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6227073263319178&plah=gekka-no-kasumi.com&bust=31080036

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6227073263319178

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae133251ac87a0262ef320408201c7be43766447246858f1eaaae41c0e7ffb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137721
x-xss-protection: 0
server: cafe
etag: 671485030105313755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:16:46 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame FAD0 9 KB
4 KB 224ms
72ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6227073263319178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gekka-no-kasumi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

age: 4628
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 18:59:38 GMT
etag: 5585625838579639069
expires: Sun, 24 Dec 2023 18:59:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 55ms
55ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8PC0V2T516&gtm=45je3bt0v9114528700&_p=1702239404606&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1328873783.1702239405&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1702239406&sct=1&seg=0&dl=https%3A%2F%2Fgekka-no-kasumi.com%2F&dt=%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E&en=page_view&_fv=1&_ss=1&tfd=5553
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8PC0V2T516&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gekka-no-kasumi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 038F 313 KB
69 KB 601ms
600ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6227073263319178&output=html&adk=1812271804&adf=3025194257&lmt=1702239406&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fgekka-no-kasumi.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702239406083&bpp=4&bdt=1503&idt=505&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2693426377647&frm=20&pv=2&ga_vid=1328873783.1702239405&ga_sid=1702239407&ga_hid=1779646050&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809003%2C31080036%2C95320884&oid=2&pvsid=1334700986538572&tmod=139451290&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=531

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6227073263319178&plah=gekka-no-kasumi.com&bust=31080036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5012081d6d2190f7cef10df3b8a19dbda725c430ebf8931b56e820b10e8e587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gekka-no-kasumi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 70609
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:16:47 GMT
expires: Sun, 10 Dec 2023 20:16:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
147 B 81ms
80ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1779646050&t=pageview&_s=1&dl=https%3A%2F%2Fgekka-no-kasumi.com%2F&ul=en-us&de=UTF-8&dt=%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1157307753&gjid=1255817099&cid=1328873783.1702239405&tid=UA-214735621-1&_gid=1235522349.1702239407&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=740278196

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gekka-no-kasumi.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gekka-no-kasumi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
66 B 82ms
81ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1779646050&t=pageview&_s=1&dl=https%3A%2F%2Fgekka-no-kasumi.com%2F&ul=en-us&de=UTF-8&dt=%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=2126612950&gjid=1190950827&cid=1328873783.1702239405&tid=UA-214735621-2&_gid=1235522349.1702239407&_r=1&gtm=457e3bt0z8881561445&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1601482046

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gekka-no-kasumi.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gekka-no-kasumi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 73ms
72ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1779646050&t=pageview&_s=1&dl=https%3A%2F%2Fgekka-no-kasumi.com%2F&ul=en-us&de=UTF-8&dt=%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=&gjid=&cid=1328873783.1702239405&tid=UA-214735621-1&_gid=1235522349.1702239407&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&did=dZTNiMT&gdid=dZTNiMT&z=1227091602

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 14:22:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21287
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 160 KB
55 KB 122ms
122ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/reactive_library_fy2021.js?bust=31080036

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db3edbb4338c0357720209dbac84b1697f727c84273e1bb4abaf2e39ab21d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55997
x-xss-protection: 0
server: cafe
etag: 5936406267285208120
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:16:47 GMT

GET
H2 200 ajax-loader.gif
gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/images/ 4 KB
4 KB 720ms
719ms Image
image/gif 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/images/ajax-loader.gif
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/slick.css?ver=3.1.4&fver=20230208104619
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/slick.css?ver=3.1.4&fver=20230208104619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:47 GMT
last-modified: Wed, 08 Feb 2023 22:46:19 GMT
server: nginx
etag: "1052-5f438085da0b2"
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4178
expires: Sun, 17 Dec 2023 20:16:47 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4325 734 B
392 B 422ms
421ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6227073263319178&output=html&h=420&slotname=8432113424&adk=2347388405&adf=1365182113&pi=t.ma~as.8432113424&w=700&cr_col=4&cr_row=2&fwrn=2&lmt=1702239407&rafmt=9&format=700x420&url=https%3A%2F%2Fgekka-no-kasumi.com%2F&ea=0&host=ca-host-pub-2644536267352236&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702239406087&bpp=2&bdt=1507&idt=531&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2693426377647&frm=20&pv=1&ga_vid=1328873783.1702239405&ga_sid=1702239407&ga_hid=1779646050&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=2597&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809003%2C31080036%2C95320884&oid=2&pvsid=1334700986538572&tmod=139451290&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=1456

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

870c782e7adf8218b1599dc0a2e3e79c87eaa6aecbacd74c3fda4572501c5511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gekka-no-kasumi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 367
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:16:47 GMT
expires: Sun, 10 Dec 2023 20:16:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5B75 734 B
390 B 367ms
366ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6227073263319178&output=html&h=280&slotname=9375328300&adk=1620165619&adf=2788080696&pi=t.ma~as.9375328300&w=700&fwrn=4&fwrnh=100&lmt=1702239407&rafmt=1&format=700x280&url=https%3A%2F%2Fgekka-no-kasumi.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702239406089&bpp=1&bdt=1509&idt=530&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C700x420&nras=1&correlator=2693426377647&frm=20&pv=1&ga_vid=1328873783.1702239405&ga_sid=1702239407&ga_hid=1779646050&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=251&ady=3071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809003%2C31080036%2C95320884&oid=2&pvsid=1334700986538572&tmod=139451290&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=1460

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99e53bb31e43c292021c755283b7f8cbcc3efa6db50ddab953e352a20f541b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gekka-no-kasumi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 365
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:16:47 GMT
expires: Sun, 10 Dec 2023 20:16:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK ts
webfonts.xserver.jp/advance/mkfont/ja/107/ 42 B
355 B 401ms
401ms Font
text/plain 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%95%E3%81%8F%E3%82%89%E3%81%8E%E8%9B%8D%E9%9B%AA&fonts[str]=44Kr44OG44K044Oq44O8RjE06Zai6YCj44Kw44OD44K644Of44Op44OX44Ks44Oz44OW44Os44Kk5pqX6buS6aiO5aOr44OR5L6N56uc44Oi44Kv5b%2BN6ICFUSZB44Go44Oh44K744K444G444Gu5Zue562U6LOq5ZWP44O744GK5L6%2F44KK44Kz44OK6YGZ44GL44KJ55%2Bl44Gb5Yil5paw552A6KiY5LqL5pyA44Ob44OgMA%3D%3D
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: 03c762b9364316fe254b87db0a3b3b418de66c2334d7b3d0d5af597c1fc35fcf

Request headers

Referer: https://gekka-no-kasumi.com/
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Dec 2023 20:16:47 GMT
Server: nginx
X-Cache-Status: MISS
Transfer-Encoding: chunked
Content-Type: text/plain;;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK ts
webfonts.xserver.jp/advance/mkfont/ja/107/ 42 B
355 B 394ms
394ms Font
text/plain 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%83%AA%E3%83%A5%E3%82%A6%E3%83%9F%E3%83%B3%20R-KL&fonts[str]=fC7mnIjkuIvjg47pnJ7pgZnvvLzmsJfou73jgavjg5Xjgqnjg63jg7zjgZfjgabjga3vvIHvvI%2FjgrPjg5RMSU5FUG9ja2V044Gv44OWRmFiVHdpcuOCt%2BOCp%2BOCouOBmeOCiyhkc3lnbD1uW10pcHVoe30744OX44Op44Kk44OQ44Od44Oq44GK5ZWP44GE5ZCI44KP44Gb44Gd44Gu5LuW44CB5LuV5LqL5L6d6aC8562J55u05o6l44Oh44Or44Gn44KE44KK5Y%2BW44Gf5aC044GL44KJ44Gp44GG44Ge44CCMjAxLW3jgZPjgaDos6rjg4Pjgrvjgrjlr77lm57nrZTjgpLkuIDopqfjgb7jg7vmiKbpl5jlhajoiKzphY3kv6HopovjgarjgaPjgYzjgrrnp7vooYzlvozmsLTpgYHmmYLjgr%2FjgrLjg4jjgY%2FpgKPmiZPjgZXjgozjgojjgYLoh6rli5VRJkHjgajjgZHjgbg2NOS%2Bv%2BOBoeWIpeODoOi2o%2BWRs%2BWAi%2BS6uueahOOCquOCuea8q%2BeUu%2BODi%2BOCk%2BOCgueUsemAgeOCr%2BOCqOWGheWuueODiuWMv%2BWQjeOCsOS9k%2BODpeaghOOBiOiJr%2BaAneaEn%2BaDs%2BOCo%2BODieWsieiomOOBnOOBsuODs%2BW5uOOCq%2BODhuOCtOiqreOCgDPjgJDjgJHmmpfpu5LpqI7lo6vnhYnnjYTnt6jpm7blvI%2FlsaTpq5jngavlipvjgq3kvovjg6zlv43ogIV244KB44Oe56ucNTnop6Poqqzlv5znlKjmnIDmlrDnnYDnn6Xjg5s%3D
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: 03c762b9364316fe254b87db0a3b3b418de66c2334d7b3d0d5af597c1fc35fcf

Request headers

Referer: https://gekka-no-kasumi.com/
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Dec 2023 20:16:47 GMT
Server: nginx
X-Cache-Status: MISS
Transfer-Encoding: chunked
Content-Type: text/plain;;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK ts
webfonts.xserver.jp/advance/mkfont/ja/107/ 42 B
355 B 770ms
375ms Font
text/plain 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%97%E3%81%BE%E3%81%AA%E3%81%BF&fonts[str]=44K%2F44Oz44Kv44Oh44Os44O8MA%3D%3D
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: 03c762b9364316fe254b87db0a3b3b418de66c2334d7b3d0d5af597c1fc35fcf

Request headers

Referer: https://gekka-no-kasumi.com/
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Dec 2023 20:16:48 GMT
Server: nginx
X-Cache-Status: MISS
Transfer-Encoding: chunked
Content-Type: text/plain;;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK parts.2.02.css
blog.with2.net/parts/2.0/css/ 7 KB
2 KB 332ms
332ms Stylesheet
text/css 153.120.49.87
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.with2.net/parts/2.0/css/parts.2.02.css
Requested by: Host: blog.with2.net
URL: https://blog.with2.net/parts/2.0/?id=2078227:vG0wQVSZtgY&c=fireworks
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 153.120.49.87 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www33.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d0006a87f68b26d4775b6d118939f02cb694e787fe4e94cd1248bd46a17b3364

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 20:16:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Dec 2018 06:47:20 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "ca8cf7-1d78-57d6e808aae00"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 1861

GET
H/1.1 200
OK parts.fireworks.1.00.css
blog.with2.net/parts/2.0/css/ 725 B
675 B 343ms
343ms Stylesheet
text/css 153.120.49.87
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.with2.net/parts/2.0/css/parts.fireworks.1.00.css
Requested by: Host: blog.with2.net
URL: https://blog.with2.net/parts/2.0/?id=2078227:vG0wQVSZtgY&c=fireworks
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 153.120.49.87 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www33.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 96804ca351bd316085be362f11ec8d96b4eb5bc671f09fc7c9bc2f5eb6a498b7

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 20:16:47 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Oct 2014 02:57:38 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "ca8d02-2d5-505bdc2c1ec80"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 327

GET
H/1.1 200
OK logo_blogparts_26x130.png
blog.with2.net/parts/img/ 3 KB
3 KB 346ms
346ms Image
image/png 153.120.49.87
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.with2.net/parts/img/logo_blogparts_26x130.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 153.120.49.87 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www33.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a6385fd389127baaf589b604b0573565a85e4c660e20a4e7307c964d5046da50

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 20:16:47 GMT
Last-Modified: Thu, 26 Jun 2014 09:25:12 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "ca8d58-a61-4fcb9c50dae00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 2657

GET
H2 200 arrows.png
gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/ 824 B
1010 B 516ms
515ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/arrows.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/default.css?ver=3.28.3&fver=20230208104554
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 6821ca4ae2508bdba08e189040928a0769f0a71b12fdd4325c3ae80ef5636bb8

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/default.css?ver=3.28.3&fver=20230208104554
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:47 GMT
last-modified: Wed, 08 Feb 2023 22:45:54 GMT
server: nginx
etag: "338-5f43806e5b5e8"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 824
expires: Sun, 17 Dec 2023 20:16:47 GMT

GET
H2 200 bullets.png
gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/ 1 KB
1 KB 520ms
520ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/bullets.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/default.css?ver=3.28.3&fver=20230208104554
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 97f65015a491719ae9dbf1afc7948f8e57f946a6822c6a924fb5826265e89af6

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/default.css?ver=3.28.3&fver=20230208104554
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:47 GMT
last-modified: Wed, 08 Feb 2023 22:45:54 GMT
server: nginx
etag: "501-5f43806e5b5e8"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1281
expires: Sun, 17 Dec 2023 20:16:47 GMT

GET
H/1.1 200
OK ab.woff
webfonts.xserver.jp/ 17 KB
18 KB 972ms
627ms Font
font/woff 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/ab.woff
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: e2fa69feab176160c642026437a980e8d82132c225290fcfb0c50a333dd31552

Request headers

Referer: https://gekka-no-kasumi.com/
Origin: https://gekka-no-kasumi.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 20:16:48 GMT
Last-Modified: Fri, 26 Feb 2021 05:26:27 GMT
Server: nginx
ETag: "60388683-4578"
X-Cache-Status: HIT
Access-Control-Max-Age: 31536000
Access-Control-Allow-Methods: GET
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17784

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame B037 9 KB
4 KB 73ms
72ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gekka-no-kasumi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

age: 84612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:46:35 GMT
etag: 5585625838579639069
expires: Sat, 23 Dec 2023 20:46:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame BC23 9 KB
4 KB 72ms
72ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gekka-no-kasumi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

age: 84612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:46:35 GMT
etag: 5585625838579639069
expires: Sat, 23 Dec 2023 20:46:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame B8AD 9 KB
4 KB 72ms
71ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gekka-no-kasumi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

age: 84612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:46:35 GMT
etag: 5585625838579639069
expires: Sat, 23 Dec 2023 20:46:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame EEDE 9 KB
4 KB 78ms
77ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gekka-no-kasumi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

age: 84612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:46:35 GMT
etag: 5585625838579639069
expires: Sat, 23 Dec 2023 20:46:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame B037 4 KB
767 B 80ms
79ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 20:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 19:21:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 20:16:47 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B037 205 B
651 B 235ms
71ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:28:20 GMT
x-content-type-options: nosniff
age: 197308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 07 Dec 2024 13:28:20 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B037 604 B
696 B 236ms
73ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:41:25 GMT
x-content-type-options: nosniff
age: 203723
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 07 Dec 2024 11:41:25 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame B037 16 KB
7 KB 245ms
74ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:00:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6784
x-xss-protection: 0
server: cafe
etag: 2582286893585073394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 19:00:08 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame B037 22 KB
9 KB 251ms
80ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:57:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9231
x-xss-protection: 0
server: cafe
etag: 9385233705467680479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 18:57:47 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9184 624 B
246 B 121ms
117ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY05XXgAIwAQ&v=APEucNVhB-KW40b4BaWrtkaqQNs8sK6zvZ8Pi9XqIQX9Do4GJgjdMosRKG2zozPR5HvxheH84beXWWVR6soqaf2VON84oMSAlUa3q-4g-snJkcdrcfNHCMZy5PXwtoY9yoZjDrXa7dur7z7ASQw1OE-nhvrnoMTy8MQba5tS-BTOjUKcxjVaTyU

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:16:47 GMT
expires: Sun, 10 Dec 2023 20:16:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 30E9 89 KB
31 KB 241ms
238ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:16:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 30E9 3 KB
1 KB 293ms
173ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:21:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 30E9 20 KB
8 KB 213ms
94ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 19:33:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 30E9 202 KB
64 KB 300ms
119ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:16:48 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30E9 42 B
63 B 110ms
108ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ASBN9vIumC_P_VThyRM9fwZNFDn68RnGbQc116FYl98YXHq9LSEB7_LlIYp6mmDt-_QKnkHL8KZUuO7__Avu_S3rDpdIBh0knglCbqtPVYCGXwj3E

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8622 624 B
246 B 114ms
113ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY05XXgAIwAQ&v=APEucNXho_W1oZesDKw0j7A7th_OlsAYsO5MD9zIq_drChi2OOGBbDRtJhD-NTunys1in2amSa4zQCZTxYAAFVtwFVwjtpS2bdkVLUJqUlWZA_nrtObngIZ0LLuS3q1a36okN8fUwJBvUUj5mcbJ5bjRW3GejMj4bOkrSt7jLXV0Xkr8Z9TSKhc

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:16:47 GMT
expires: Sun, 10 Dec 2023 20:16:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6583 89 KB
31 KB 297ms
297ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:16:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 6583 3 KB
1 KB 260ms
176ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:21:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 6583 20 KB
8 KB 242ms
159ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 19:33:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6583 202 KB
64 KB 407ms
262ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:16:48 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6583 42 B
63 B 106ms
105ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DrcAfJvtXd9wDs4cNAm2dr3Az1riKLoiG5K2ZfU0tT1v6rE_-lsMijg0azIg-6zoALucVyA0YiKYhDGXq5hzSvP8csp4WLihxMGfXSyO6dVeRSVnA

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7413 624 B
242 B 116ms
114ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY1ZXXgAIwAQ&v=APEucNUhzRMmUi4THsGtGNi6-kEVd9Aimzvf0gzs4zO3S5qcuekIYOU4tFguTRlHxHR6s8oCoB8ySjQYO72LZjph3AFlrgdsolC_ZFUFZ0Z61ABTFx9Zf75_szL1-qYUy6X-i0sdRwz1_qbuOUh6sW9BfhcbIJB1ryZsM86rDJkuhPcceFZciLY

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:16:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 84E6 89 KB
31 KB 249ms
247ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:16:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 84E6 3 KB
1 KB 226ms
177ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:21:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 84E6 20 KB
8 KB 196ms
148ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 19:33:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 84E6 202 KB
64 KB 352ms
242ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:16:48 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 84E6 42 B
63 B 105ms
103ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BpzfXk33qnaw68Xg4KnZvTCwlkhcZiBeG6nEoWzwEJOJ3Owvy9ic4obHtPbN7QENvF66hco6X0DVF0yDsKqFVqLJAzjyKkcBAAz_dEyMMW82y75qs

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9184
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED25ZnrP29RvP238qIFnDSc&google_cver=1

43 B
735 B

83ms
83ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED25ZnrP29RvP238qIFnDSc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY05XXgAIwAQ&v=APEucNVhB-KW40b4BaWrtkaqQNs8sK6zvZ8Pi9XqIQX9Do4GJgjdMosRKG2zozPR5HvxheH84beXWWVR6soqaf2VON84oMSAlUa3q-4g-snJkcdrcfNHCMZy5PXwtoY9yoZjDrXa7dur7z7ASQw1OE-nhvrnoMTy8MQba5tS-BTOjUKcxjVaTyU
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cy%2FGrasqQvFHwFqnKl5RBESVk2Xx%2BPRHrhfP%2BHzbk8krZ5F3REru5LU9wzgqOxnXgoeq1NqjFJIasCzMklOrQRBqgIu1RZwuLW7KBd0TER5M3tILObMw7WVmadzTSmEDsP0ScPxHSBChyg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83382aedfe6fb52d-OSL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED25ZnrP29RvP238qIFnDSc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9184
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXYcsD95mkQ.QfbBqFROIwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPgSMQZ_YV0O_OJ84CwdeY&google_cver=1&google_hm=2

43 B
739 B

74ms
73ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPgSMQZ_YV0O_OJ84CwdeY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY05XXgAIwAQ&v=APEucNVhB-KW40b4BaWrtkaqQNs8sK6zvZ8Pi9XqIQX9Do4GJgjdMosRKG2zozPR5HvxheH84beXWWVR6soqaf2VON84oMSAlUa3q-4g-snJkcdrcfNHCMZy5PXwtoY9yoZjDrXa7dur7z7ASQw1OE-nhvrnoMTy8MQba5tS-BTOjUKcxjVaTyU
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z04SdjAy8GnvIu%2BeKXS%2F3pR9O5lK%2Bf2gu%2FH0cuNBUwamnxBFKVLsbANXDTFzFcICDq%2FVlN0XRsPULS%2FheYoMD27Y9seCDCwEhKV3uOaxDChEvtcW0ghwTKukk%2Fx8KGgWaluVsmaTlztKxg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83382aeeef95b52d-OSL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPgSMQZ_YV0O_OJ84CwdeY&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 9184
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGCG0ADnc-xnKQmnHH4bZUk&google_cver=1

43 B
842 B

73ms
73ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGCG0ADnc-xnKQmnHH4bZUk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY05XXgAIwAQ&v=APEucNVhB-KW40b4BaWrtkaqQNs8sK6zvZ8Pi9XqIQX9Do4GJgjdMosRKG2zozPR5HvxheH84beXWWVR6soqaf2VON84oMSAlUa3q-4g-snJkcdrcfNHCMZy5PXwtoY9yoZjDrXa7dur7z7ASQw1OE-nhvrnoMTy8MQba5tS-BTOjUKcxjVaTyU

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
an-x-request-uuid: 188f92d3-e95d-44b5-96b4-6b122075a241
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.255.148.172; 178.255.148.172; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGCG0ADnc-xnKQmnHH4bZUk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9184
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ5NjUxMTY5MTc3OTU5MDQzNg%3D%3D

170 B
243 B

82ms
81ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ5NjUxMTY5MTc3OTU5MDQzNg%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
an-x-request-uuid: a9a891ef-2fee-41a2-9702-88589de1c7c9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ5NjUxMTY5MTc3OTU5MDQzNg%3D%3D
x-proxy-origin: 178.255.148.172; 178.255.148.172; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fireworks.jpg
blog.with2.net/parts/2.0/img/back/ 21 KB
21 KB 349ms
348ms Image
image/jpeg 153.120.49.87
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.with2.net/parts/2.0/img/back/fireworks.jpg
Requested by: Host: blog.with2.net
URL: https://blog.with2.net/parts/2.0/css/parts.fireworks.1.00.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 153.120.49.87 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www33.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8db907d98173c24e0697eee04d69924d42f7b79f40bd8e02c4fc62aa7a77044e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://blog.with2.net/parts/2.0/css/parts.fireworks.1.00.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 20:16:48 GMT
Last-Modified: Mon, 30 Jun 2014 08:26:46 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "ca8d2a-5478-4fd096b71dd80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 21624

GET
H/1.1 200
OK icon_br_crown_18x14.png
blog.with2.net/parts/2.0/img/ 313 B
604 B 346ms
345ms Image
image/png 153.120.49.87
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.with2.net/parts/2.0/img/icon_br_crown_18x14.png
Requested by: Host: blog.with2.net
URL: https://blog.with2.net/parts/2.0/css/parts.2.02.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 153.120.49.87 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www33.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8cf6b0ea38e65bd94401db5eebd6949b56fee5f488ce95bb36703e45755a6b62

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://blog.with2.net/parts/2.0/css/parts.2.02.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 20:16:48 GMT
Last-Modified: Thu, 26 Jun 2014 07:50:30 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "ca8d1f-139-4fcb872613d80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 313

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8622
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPgSMQZ_YV0O_OJ84CwdeY&google_cver=1

43 B
768 B

76ms
76ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPgSMQZ_YV0O_OJ84CwdeY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY05XXgAIwAQ&v=APEucNXho_W1oZesDKw0j7A7th_OlsAYsO5MD9zIq_drChi2OOGBbDRtJhD-NTunys1in2amSa4zQCZTxYAAFVtwFVwjtpS2bdkVLUJqUlWZA_nrtObngIZ0LLuS3q1a36okN8fUwJBvUUj5mcbJ5bjRW3GejMj4bOkrSt7jLXV0Xkr8Z9TSKhc
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SS8SRexHn0bRxpZCwnxSwIIq0MD5Com2BDSZBR%2FTK2IB%2BFNIq1wk6Arm0TXdpWXe6Qiv4QqF7ukuivuZshXCWXTY2TIHlrTJQoHIRK0dujf5p5Ev8N6biM2hiKyENeXMrQK0co1uSiL61w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83382aedfe72b52d-OSL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPgSMQZ_YV0O_OJ84CwdeY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8622
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXYcsD95mkQ.QfbBqFROIwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPgSMQZ_YV0O_OJ84CwdeY&google_cver=1&google_hm=2

43 B
736 B

77ms
76ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPgSMQZ_YV0O_OJ84CwdeY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY05XXgAIwAQ&v=APEucNXho_W1oZesDKw0j7A7th_OlsAYsO5MD9zIq_drChi2OOGBbDRtJhD-NTunys1in2amSa4zQCZTxYAAFVtwFVwjtpS2bdkVLUJqUlWZA_nrtObngIZ0LLuS3q1a36okN8fUwJBvUUj5mcbJ5bjRW3GejMj4bOkrSt7jLXV0Xkr8Z9TSKhc
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wzcqwfvHcn7B1YS19fX0V8RBkVfrZtNF5qSX%2FzB%2BkB%2FczlV7aJv5FJPu6WcIE5xtC8YYbZ61fAAEHlmrEVjs00SjQl%2F1VsYU%2FXr3PTrqlMagEQA9HDADtHKBSgFkU25bg2hdAAvxnyryg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83382aeeef93b52d-OSL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPgSMQZ_YV0O_OJ84CwdeY&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 8622
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGCG0ADnc-xnKQmnHH4bZUk&google_cver=1

43 B
842 B

59ms
59ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGCG0ADnc-xnKQmnHH4bZUk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY05XXgAIwAQ&v=APEucNXho_W1oZesDKw0j7A7th_OlsAYsO5MD9zIq_drChi2OOGBbDRtJhD-NTunys1in2amSa4zQCZTxYAAFVtwFVwjtpS2bdkVLUJqUlWZA_nrtObngIZ0LLuS3q1a36okN8fUwJBvUUj5mcbJ5bjRW3GejMj4bOkrSt7jLXV0Xkr8Z9TSKhc

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
an-x-request-uuid: ffcfa7af-7ea7-43db-82c3-c3438d61c1f3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.255.148.172; 178.255.148.172; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGCG0ADnc-xnKQmnHH4bZUk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8622
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ5NjUxMTY5MTc3OTU5MDQzNg%3D%3D

170 B
232 B

83ms
82ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ5NjUxMTY5MTc3OTU5MDQzNg%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
an-x-request-uuid: 37d21785-6ec6-4784-a01e-920a0ae0a374
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ5NjUxMTY5MTc3OTU5MDQzNg%3D%3D
x-proxy-origin: 178.255.148.172; 178.255.148.172; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9B56 249 B
266 B 104ms
82ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%81%98%E9%96%89%E3%82%8B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0bb5af18639dfc54932f4340945c1dceeb1e5aac5933b578f2ab597f29137599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 20:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 20:16:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 20:16:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9B56 11 KB
1 KB 100ms
82ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdcaa771e7265ff69e374f9fef053fd9ae91567074983aa1a61bf74a3001490b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 20:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 18:20:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 20:16:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 9B56 2 KB
902 B 90ms
79ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 19:43:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 9B56 24 KB
9 KB 91ms
81ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84865
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:42:23 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B688 143 B
166 B 84ms
72ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

age: 2302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 19:38:26 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 9B56 3 KB
1 KB 99ms
90ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:21:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 9B56 20 KB
8 KB 80ms
72ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 19:33:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B56 202 KB
64 KB 266ms
259ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 20:16:48 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 9B56 37 KB
15 KB 78ms
71ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 20:29:37 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7413
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPgSMQZ_YV0O_OJ84CwdeY&google_cver=1

43 B
733 B

75ms
75ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPgSMQZ_YV0O_OJ84CwdeY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY1ZXXgAIwAQ&v=APEucNUhzRMmUi4THsGtGNi6-kEVd9Aimzvf0gzs4zO3S5qcuekIYOU4tFguTRlHxHR6s8oCoB8ySjQYO72LZjph3AFlrgdsolC_ZFUFZ0Z61ABTFx9Zf75_szL1-qYUy6X-i0sdRwz1_qbuOUh6sW9BfhcbIJB1ryZsM86rDJkuhPcceFZciLY
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xP%2B%2FCRpULeK8KqmoNmDMN6yj27MhPoO8cRaEKfAVkeGe92WYVDeGGCLHL%2BIvNmlWovgNcvDmJDHYK365Aff9YQQxwdsT9Ba29omTJOBnzoKxqmXa1PDoOyWwDcRp74q48i7tyKvHSRoY5g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83382aedfe75b52d-OSL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPgSMQZ_YV0O_OJ84CwdeY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7413
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXYcsD95mkQ.QfbBqFROIwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPgSMQZ_YV0O_OJ84CwdeY&google_cver=1&google_hm=2

43 B
734 B

75ms
74ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPgSMQZ_YV0O_OJ84CwdeY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY1ZXXgAIwAQ&v=APEucNUhzRMmUi4THsGtGNi6-kEVd9Aimzvf0gzs4zO3S5qcuekIYOU4tFguTRlHxHR6s8oCoB8ySjQYO72LZjph3AFlrgdsolC_ZFUFZ0Z61ABTFx9Zf75_szL1-qYUy6X-i0sdRwz1_qbuOUh6sW9BfhcbIJB1ryZsM86rDJkuhPcceFZciLY
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIPiNZrqje7KJgJ4kZu5ncpNArQkJ7vfmQJ%2FZXMvh7QHGdAnaFhRRFRwakyChjOy9jpcOFAWi6meCZ4hp6S5sfwbYXQjzmS0ohiAe%2F6WruopbDlbxAh9%2FZJRWgEtmHVE0fZH9LlNFpNBEg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83382aeeef96b52d-OSL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPgSMQZ_YV0O_OJ84CwdeY&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 7413
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGCG0ADnc-xnKQmnHH4bZUk&google_cver=1

43 B
842 B

59ms
59ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGCG0ADnc-xnKQmnHH4bZUk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ_aPu0wQY1ZXXgAIwAQ&v=APEucNUhzRMmUi4THsGtGNi6-kEVd9Aimzvf0gzs4zO3S5qcuekIYOU4tFguTRlHxHR6s8oCoB8ySjQYO72LZjph3AFlrgdsolC_ZFUFZ0Z61ABTFx9Zf75_szL1-qYUy6X-i0sdRwz1_qbuOUh6sW9BfhcbIJB1ryZsM86rDJkuhPcceFZciLY

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
an-x-request-uuid: ed5b1911-79e2-47b3-a7a9-6688256d728d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.255.148.172; 178.255.148.172; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGCG0ADnc-xnKQmnHH4bZUk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7413
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ5NjUxMTY5MTc3OTU5MDQzNg%3D%3D

170 B
232 B

83ms
83ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ5NjUxMTY5MTc3OTU5MDQzNg%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
an-x-request-uuid: 57d5a0a6-f494-4471-8631-69a21b81b3d6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ5NjUxMTY5MTc3OTU5MDQzNg%3D%3D
x-proxy-origin: 178.255.148.172; 178.255.148.172; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30E9 0
20 B 104ms
103ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1631360011506&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30E9 0
20 B 104ms
103ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1631360011506&version=m202309260101&ct=119&x=1&cor=10455429166766570000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 30E9 92 KB
38 KB 150ms
149ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Crhs4Bpozm7tCLN1Kz-NPzNJGTq9wkubn44xRlTFu3CwY4SDB2Lvvym3Qo85KX4m5UMHpODNc4i-qzj-kApwCq2T_GksXwK1lxtDTSN6bdICYn3m6gIEQsRamfO-hrTNIrVIdSxPWEPplrBgi1zvK4TszowL5BXWn5jEJdPkf7QQpUgUo&cry=1&dbm_d=AKAmf-BneyKWmJx0ZxauUa7fInyBaySEPs2o77d0qEBy8X1KZ0SntWvDU8Lnq75pAqz8W8YAp3y58XVbyO_MBU_Zh_URa8iyKA6G8NjEM9JW3s9TBZllixxxFphd1xgXqIUmk2Qv8FwnN5-Z5Ws9AK83z374bCfcWzHdekhKKbM2XWmd2L1HZmJpbSR0RwXlF33fP192C2OL8JugnMBjNzpykRUtEoyGJo81sE9K_l3y--jusM5eaC1vG8KRVVrRXFeR_Mm1jgc-86ImmdYWRabz-HVy4sV8ZimX4hAzyWQyuUQRNBnU0HEhvevTsgUl62Mr3T00JQ3lViGtVsb9Rppp9c5m9K5Veb22713qubXSo2swAmF5xo_GmKMuG1EXNo0qnBxOvrOu5JwMXK5D-iYRZiOuSPVGdY4Q3mxX2pxlzznxN-jkAHpO4p69N8DgKwOb03CWgHzXuQc1QQh_s27QzmaFtvEMc155CoEznvJKfMqIii2IXh5eJb80n5hSPfOySK6sNLDXfyWGsR00W92tfL94orr95E2Okad18VOwa_kIP4wqMLYP-V0vKL_fO4Nz0buTnzcfCv0_rPAaSolane2Jfck251fVsHwPFU4Fwr-QEY0zYk38qo1kaBabztOrKHCU1hOO9q7eBk8fFJ5sbXqhFY779SgJ3cbnFMYPiQpO7ZZ_0PMKg96S5aM7Cs9IIRNFW-XawgOE9_uwNAcx3LWt0g8WPaTn0SFtQZ43-d1l4ECCuRzncNLZEPtONu76D4G2qvWSMAQIr24HWZCPzFw2rC3FZC8NhAmZHf6jToApoglqMCVIbWCbtMDkt7ZOHY5Txaw-lgsglwsHDDYkh931mDXOJY8MFGPOuu2zjr0xfPaqHXbHe5cwR-rxeUaUBm3QuMRkUxueRamkSoouwIU24JmoWwswzlTnISKXHdvx4ImazCAuZ3_tRh3towubyPeyyu-ntR_x_6TmkD-olc8Dq4IBdhRkzA9ByCWCSf91eN1kZQX3LtU4P8bkvd3xK_iCl4mMGOGB1uJZiGNB5_zS4Z0DDrIeHn4jyVqtTz1TbOB2nXT_UIkh7bqJJ4DfzkKyLkh5v3S4TWbg7r83j3QDiG8MbYN_I_9nMjNLMXiEsgu_9KunGPwYKvBLszg_AYt7-78cRahYXQcGfQbVQKgkUoy0mNyjN_QqRKtodktmWBR9WKuu-bGBeJzc8Yd-MlDFZ7gsuNt__PWZZDjue5BXYMTD-22xNV7otDlX5QLe9TsqqNR2qUlrmW-48viDk8zWNk47kRzA_4nNzTsHyMy2_PwDpViQAEMoq6VXMMQtooa_F5nY2G93qfFTMIkV7woj4FdmIjvKNv2kPzfxo3lCFJsIpRXqOIpGK6BHKjTi_st6yJiGHfXpRmfqV0a4AzMdYx4RSdqLmKJ5Chn8TN_jNrG5Wy-ySo9MCh_sj00dxiQL5ESYLbbSzBeiQg82xSLZpsol7ivbD7x_-EyudDnJDmYSa4_sWPDNNlDQwWvnArD7_DBcutxkvFFbb_Od9Qg5xXn-49grdzRifzgQgdijxe3lRzkS3egeaELc6_NklmRLFu_Dz2Wxe0temURjMYU54wNIXWo6lV6LGhQmxOtb30GCO6ktp03POqIz_mJavWsmEGN54FWFiLFcb7MjXz7qyuz0ZvGq1oYjFnsFS4LcFgHeAGD_O-8FfqW8NZtBkbSjvKOG--ZohjRbk7Xwv2vrB4Pb7uk2OuX2hc39ITqdvYXyXleS7fvvP3vOvlOE-9XZXl049vJXsW6b3SpJq3pszH2MNQRhVAZfqDHig5mP83YhCc6np1fCVgs1cHRsPJOfCyecac3ww7KTahqMrsXKM7Hg9r0s5zdpc-cQ1bGlb6W0XoQedWKAOMbyCUsZss0dKMHQvygmiKLdKjVgSOCgRD5mE_VuYvvWm1aatwW6fWP5trF8htmJY3YyxAdOoiw5Ppg7pyzhY3oFC29Dy1CRcHPR2j5V37OEhs7fbtIx2rZvObx3Pv2x5VUMLW_qyC593muOn7D57q4-itwaHntnWTZPehzwvEA8X9QK1s-AJoftDgrq7-uMD44_FFqViQZ706BHN0-qPT8ljpHKURPWGclXNZ9yw8qo4Yo1zPot5pI-y3vAvNYisPFep1oGVv-cZoFpy12RJyEj5f-gEcgFHcSQ2x0SsoqBLabKBExxd5dCIJdfLgaO0kgh9_jf3G0ChP3ynPXg5sDt8mT14X4p2i6PWjSVmW-ahD7NJG99bzSoGpI7i3WVgyC1dRlzUDOR9Mrc5l-ZqrRRpZmentVyOasHbtUVW9xCPSczmIVdoyHbQdSJzXFa2molK0Rc55ZpWZveVDdxqPJZezZMwcYon94qvEMJXQqwsczQHiUGI6FWyX7RU2vr-Nv32VYfX49dQWwcyjpQ1pVuPvrEyqBm-OTo3hct8X5VtR2heH0o1Wp4PAgMzZmOSxGBdbEYLFKUzvCwGOb2qkAyANGYFuLJsjikGGwr6jM8ff7rgT0YTLIjTae6TOzFzykPFzomR_jn87vVwXrCSgrDmIWYKWGYc5zxCNc6fxrz71f0wpJZABk6qNEF5q40Uo0wNapZZQTvvqk-SdqRH4cO_9XRb9mmdx2pzEcPrAgJMq36qFTJ1kxdFZm8eVa6yj5tybyXXtnubWRbOdaqyD4gJZf7B8pmB9OZmyeYjrZQ2W_IT7Bg_5Wi5bsnp31Wt-6fbfpEowYQ1FVWLNs64Mv9QtmQA5IDT6o2w5nqzpyTkC-baACUJ_eVvfq1XWwYxA3Vp3o9y6wbSVSLBp6q0CrKnqTI6irCT04SMKfpwvCwm22Ki2YBiJBMDTPOzMi9dw9HD_jOFmRbkHvqfDAZ9BzWSzoSLvrXuc7NgumEvdhw1CbxXkSqn_VbTlDt__--oOY6V6pO75Wy0wCAoRMuzBxwNgHjyWaCaEvJxDgpbNPOY4hO5p25FSJB9EZ__m02dBnOSJLHfvXNtsICyFAEKKC5OdWD5B6D2FWGUQDvLVGYgSrjJC9NYsiQN-PU4OMbm8BxOaDAArzDfn0HZGTjMh-MLRrf836DJYos3Cm3Gt7HbAT63-Lv2Guf8CklGTtoYeE8bE6H5YWFpTzGqDep0RDAn0Dz1Gq_uaJESW5O_6IzyeXvnbnvGPyFMPBc35qy3kLtGxPHgr3qOB9ZtMhUXfLcZVcujB54gU-8lHgEC1NyyEkjIfRWofka70f4_9X_naKNTorsBH1qZqic6AIdIr221LM_WKEKnWAdonk6R_nIJLTvbe-XgU9G1qBTuYOH7LPQrui0BPi7jOTqlR4m4H5BFulXOJaZQ_m53bNmGmbiGp1vcP4bD0ZftyCkuMNdMvrbKSDjz9-x7RiGYvZCPSBapTe_uJrCtFVRy4hUyeVbJliNBHpghmstaKku1xFyNch0hg1rewWCnYsFp7SgEMolqCDlxWrLwIR7QKSxXfYyar7kNaPh8pHVl5PsReWL7FGJiaLqz43xDi14_0OqfZm7OuYoSLGr3GJoP74dSbNYAsUJ77x7P4PIvoxM0dZFZ_W5PIQJSVQB5u8LgOuPnYzO8cqT3ByAdSwp_O88EM96eFF9H4Qz9q7QP2xfrkSj9tmN3qe9WcKERCfrj96dBQmTUPJ00-PpfZqb62p2JbyVevrB4Ba1l-5xbasrlCZmuZxeqnj0IDhWP-w9a1OLu4syGs9qtmtM20WYqLrg2gWH88w7DKDXTSSxPRUDR1O_PqCVPWlwKuKKxrq9pGimVYHx9tFk081mvWd6tSA1JeQ3eihInjQxn-MS50cVx3OMH7ihiDqBFJ6PLytDQBNfwHFgUD-2FS9WlBiH&cid=CAQSTgDICaaN5cipSat1XOzUpL0NtG-HegCQpvatLvcDFAfKnuM-YmVZtrZrMw8Ma1ChD1qL1_AKpDkJwluSTdZthES0eIcMXJ2QQqW4gJDVhBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgekka-no-kasumi.com%2F&ds=l&xdt=1&iif=1&cor=10455429166766570000&adk=1726166463&idt=273&cac=0&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

427a692ab6dc95c7cbaa2bb4fc96a03729d6f332b3d9eb2a0a98e77831dea0fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39001
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 84E6 0
20 B 104ms
103ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1911510207036&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 84E6 0
20 B 103ms
103ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1911510207036&version=m202309260101&ct=119&x=1&cor=7285942898818585000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 84E6 93 KB
38 KB 148ms
147ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DfG6Y1jxvFXMGPnQxkbNgOGhZwgjsE3evYS9VIJEuHyStci4ieB6NGkH7sMbc81C9VkLqCC-tFhVNe8zbf14GgMZ3D3bmO1ygyKExm_UXr26ZepEdMNBzdJ-HQU5ceHRlevxojjNoBNQKQJ8m7XPuyhjG2h9bmqz4WsRQ2R7w9rLUBDxw&cry=1&dbm_d=AKAmf-BhTMFSN6Gr82uhltKsvu8jcxRFwOiUxd9ZsJAgUycedDwZwaPG_ZJqUV5B7-Wb4Rc4RI0Tc76wGjQRk_mXIJeXgbE9MVLBq_LiCnnuvos9LYBcTuBlcigVawKzMW_dvvJKFylDvqfsogh5fBYT4_NmzCvw1uh6ynLeCq6tkNg0Ta7e3U-riTuLBwtQE1fIrKZyZHc1vn5M5DjQ0GUx6sr73mCpzSyt7Cp-RV9CuEHSRtSc9juTjmPY3XdrInUPw_GTI5OW9KbMAN-zlDLaI6GuebSMIxN9wpQdiZOBOpBgxR3xK87owTtUBPjyZ-9ZPOdkbqWeaRNQN_CVGzibJi_iKbqs5v9GfGgTzGCQjgPSwDcSXafJta0xmqAZ3-Ddz-SduVlKfKGO6vgWCY_1UWd8t99UevfdVKsjNsA3S1-JT25atFY5bFgEk_AHWD0o4xO5r_ZLz1GbJu9Uln8leE6d25PdGFBYjzQdtRoi6vAPaDjJBWXdMPeyElBg0mIbqg70L5a0jHUHjG3pcayO7hkfvcxd1tUpXwRdqpeppBsbMC1DJ-h9VwFxM_p6kO06uY58ILjLFsHVz4-mMiEfKYgfD4epk7XEiEXvdVEL-Mxdi7JIdrOMU8VV6lHwnyKNN2LFQMgGpiQlMZVEL_FFriBTG89dDvIs2HV3qRBzdIyfttuiCMEJD2ks3f-VU-33BenLU0VOc1q5uD55rPfKbfvIEOx2YMWmrRTD0pUt63RFO8EYG1qaXPotDcN5H-8M952guvhkDvqpIL3mQ_ovUfbagO3tj7f59uZaRgexYUTwsfn8TqcYXRiW375LhQEkWxizYjUigbyhctxPYEPivnxee5oTsoMkxBLeGFdGmJara2JLX0XDzPCd0idBZ7xPRdjREa2fGTAZcoZzSz4qjxMvUVRGq_iBYRl6Y5ujIf5qzos-GKe_8g-lprygd2wD1x5SOzYwa3Ugy6MrHGGC8OSRWVXdBJ6fy-PL0CODagRsfIKckHMlMMdUl0gXZ4l4x75M3ZSCveOM-BDz61ARtxK5WsGCn84oH-IgCv7ijDqiX7_0Yn3g_vrjrs3dVBqNKNxACwF6I5PZ80SpN9-2a1ykeb6s60IyZhlgrogufj4ZCm-IkSy6IoMqBteNAxyvqpU2wfcOBvzJpLIn_4pdkw0_HZpdQnYswHintWMwWyUvORyuYxVCyxG9JDLdAX-WOhvkVMPcgwZeDCXMfFVDAxbgmerKNXzI-zcK-TtUDXlI4iLP348QSvYzBBlwpI14gQWwMxgnUI21XaVhraR2mLWdvJBjwmdDgqitVh9ydn0YAEm1lXhIZ6yYiW9Yu6o2jtRsisXy_K7M94SiRi-b2ogNhQ2r2PYt8PCZYPVKLvEYo1QKgMSAvdek6VfXNFuHM8GIXAIRSNSGQqJ8FogzoNhTmCsnjTu1zLowBkrusgSu7U9Tu-wZbmKphxsdMfrngWmfc3Q41R1V3yfs2DcinMXwBYosajCQzUqCw_kfTfTDM3SHeJw_3onN2Uofa5Ap5jRGFLYYvDzWXym-F1scg_6TAxoGeSchlpmFLHrNkKBRelF4fSLmhNePxBT5wfr7S0T8GVL1Dkbb8RXWR2Lem5ms-PfOF8iOdjrB7zz4enqlrESPEz3PpQxvg0x3iIINhg4eRnDmozdf3Z10TTZqeq_XJk0JB779ycmq9c3CMVwFVZkGIuLgpKBVbweKmekkN-Xz0Og36YLPSCFToOee8B1Uuhc74kajeSAa2xvYWs8HRmM_2MXKC80EPOv5fN49LvpdUyaAKDi7gipSqLP4F6HIi3yqyhzGM0SwBxHWoRZetY3kJv7gVN9Mbh3CIwUrxad_yHSPctZR731X1cOteq0G1oI7XLpIKqUJDrh7vPfF2WL8S6p_hnh6OafgQMp380coPACQezNui7CSfLlTezEdQfkyOCkoDc2LDdwNB4zrtlV3wpn-zrC8vjjg9KGZpadgBjs9bp3p9Z3NvtQPO7G1s9hG0ZCMgVPFgY3kR1Vyb-p7biRP9nbd9B8Truv48OIEY-kdSFqIOxj3eoTrsTWMejCor7efle4FX6i-Lq0pTcESVes1fNG5a1Sznvsqn_QbezLwHhddtyirP35nBz_EZFakpQ5Ti02E0tOCVuOxPfY8tLym07IpNd69nwdRaKzHKljGE4pbQCARNreOQXO3YERqpIT47C7h5n9UY4Eh59sLvduiG03vTVdNUf-n8VCIe_evb8AZl7QpoBUecc2eXUTgukh2A8S7DbEoU_t8Kl7J3Sol48m73JAQhtpw5RPaLDDYWpMjvsykqIo3FDjDTjUBIEx3rl88xzfrnJaPDTl2IYCvSn35nsKipWLgvZiOuCMHZZdxQ6zTLS_5gDaH1fy-gGnjHiaSpWB-ezt3HJruuYRN6yk9OlXd54LSkn38tyg0IuZx0FEov9QMI6NZ9koeh6-r07X3hdnbjB1oh7TNRhx2u3pJtHul3H7n_x157GcHF3XaByCDs23CGjCNJ4XkC0KRa_cvjc86E9uYGpQ2csrJl7b8qigKwqiprIfZVXOI0_4HLHyDg2jS9bXvRqzQ15wLsLAPTc-UjRbccItfyWkHlJbi3TSkxMoJJG4RTziounAccQdHYA6S2i31BfCYzIDo6InVDOX02s8lXGMPEa1Lrx2sXEPLTSyLuh7-3JqUIqXwxFyTJhCGGmHU_GYT09zxuzd8l5sVHE9DUiFvWAk-IgV2RbBXkf82XvVSHZu7ePyuaDrRRh8nQvo7Ghx007koqpOXywEWM23NiFlyKzO3QmTvDw5rSEJa5gqkcFiWmcjk5JUz44MWRtUmWB2LXVohDcMUqQpwpQEyKH4hCOaU7PsD7NunvuHgyD-M1ajPzDB1BukriF_xdGKUNrunULYFZzWck8xsSjhRUHpWKEcvfB0oSZqQmOnxlWXFwxvEekoGc96QDx1cETyj-gKXy482NRtdljHoJVw_2xfN807hQYPpdST8qFPWvJ_Fku16kBytT731WZKyDaJ3XDmStmR3rDXWq9qnnJTfhCd16PWafcFnoTOSvhbD9amHZ8sIGBhyufY_HGoJIEROh5-1JXrU-JLSL_YY62UbiEa5Vi1bkxRibh-UVqMRoghZwyIdOGBg8YnCtlEgHZ001hwQ19n1ibbblPtdby2Pjebnj8EnBW0PT3jcnJkbEbavTwLugGRd4zgBXeXAg885TuX8Ve46Yci2xgLcwyTZVGp3-WQAFhMbLS8ackQH42pDuExdGzIV10pF-IdEcJXXnE4bG--c7kyVWkQ5lOLkf9DBwWhO1_jLacSKpgfp1RSLurexT_VcgXSAf0bbP6DL3c55BkP4tBJrc3WeExlK8vu_hmGXKVbLncC_aRgo-YisMLXsUh8YyOr39cFrFGMiovB6PAIxobvMx3EEdGuaummrSi7ghbVDXeMb7NCEx63w5X3l4A7jc5nc4aNHNRI5a7K6j3UjRpwY5IqvZfHf9zE-T3xuRdrwmKn-0RVgQyvO26AEKbl1sAcX45RtVejMKlLv1vxYO9acEQpXsbgr5KxYkOdnJz8YXN8w0cfMNRuY5UVvsp7yK0L_wuxUSvIpFyq-JXPQ7XtbJGOe5ykuwsZIuCCfE0PdV1jJQFNJ8b5PQBU9NV9pEXTxnPTF6uAp5L_r7Qu4tAkXjbS_RlWENtU2j3dVKPtUS_ujTsW61chYPH6cWcasbVtCzNkbAky5l2AH8t5enKiOvjcrZvW9jiJsEle5bDEUVVuhHJfsysDakLf0M4uI2ZQpeXtHn6L5mIsTQ2vx8UsrdkjLOYE1ZZ11Z9K3DUa8QOSfJ3ekkno6Y1ii&cid=CAQSTgDICaaN5cipSat1XOzUpL0NtG-HegCQpvatLvcDFAfKnuM-YmVZtrZrMw8Ma1ChD1qL1_AKpDkJwluSTdZthES0eIcMXJ2QQqW4gJDVhBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgekka-no-kasumi.com%2F&ds=l&xdt=1&iif=1&cor=7285942898818585000&adk=1877897942&idt=270&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30a2e2cc314fc6d4d4e3cf0a81acac72ed88177c55391ccca041fd7499ab0561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39160
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B688
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

90ms
90ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:16:48 GMT
expires: Sun, 10 Dec 2023 20:16:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 20:16:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6583 0
20 B 105ms
104ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5490147896130&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6583 0
20 B 103ms
103ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5490147896130&version=m202309260101&ct=119&x=1&cor=11106681020831543000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6583 92 KB
38 KB 143ms
142ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DuBnMTYGNL6lD6OiT0iFkAJ0iqTnBq4t7UUBeZYJwbOCZlSZATPHuh_meS2O-qh6LFtjvjJxWTihGe740S-ITDYYZQwf46sSMB7FwK1nf-QlkLu0Vk8mmjDBCer4PgRknPpkOT7dEPw3QIVEqyktHvN2cpShsnNM1msSdGJ-rjc5I9n1w&cry=1&dbm_d=AKAmf-CH8EPI0xGH-mAHAFwWJ-JMqbqpGwQdIjUNo4kpe3CvZ8ER2H94JwH2c-ZGqX37_57k9RrpZrY9ctg9sEjf_3E_V5pkwvYN3IRU0SM7sOVSyXvcCbPx8h4y_A_VE2DhncQ7C0kWb0FOtjZFqrdWabNCZosQnq_V1kZe03a1zZyMfc6cpSgoxB7cBRe-lO_8OHIqShh95V5mbV-DXMccXQb8tnr-6-8qzw0peS5h7HtUb0XxsmwvQOI_VBw_nHrKnB_bKxRAdLePVDZDKMP_jt2Ci_rH9MCWORsykZONECwnde9PRKYvsdaVHStmCiZdGxmASJFhrEPZeyjQNLMJcsUBd9D_Kn1osDgu8GhJQcknct-NSx-Tg-AUktaFFRfPGfbL7a95-OZeV_GmpIdPFPu7yTI29iSg2tOo_oEy2IkfT4aT7ZI0ZqsiSrJIXoup5KO-76AhWQlKJ48Yxt1As8CZKTe4syTgWHBhnAnNrmGdvnGDo93BAxoRPwLE7mggQfGbZl46WDjCeeN40vCbbCZ8oi05-g_gh85SkT1xKTcUFNeBgvuV-AEtKcCQkF-j0Ouzi8mx4fM8YQ1n-8M0G9TfSeu4psqj1alJ5eycywAbbbF_FxAgLI1mxMDsb5wI3_NqNMTwLRZVUnohrU9pApb6MsZKl7NwM4Z33GNUkEVBojV65Drc53G8d-G0jrOD_HnBXcRj2hhOc2LtWSm-6Eh3Bw0_CNano10mFEzJgx7C49-Zw96Ims0q_oTc5YhDHClu0OA6Fk54-I2n_mbpgEFU5wST7YeO2_qk92qM4IOFh_UYji-e-awq4L1IdqJ0yxzhZyAsXrHV_ULBkhhvCEyphMPx8vFuYc5ToC4QaJDkP8SncfaNb2GkEVmQMr_nl9ZzT61pC2s1BEp1mdc_INCOBIRlUPblxLeuMhB0b8sgwRWAuLwsiHfDGAo-6kAwczjR_cLw2waAQ_RK8UBhCN7A_lKdResF85zgV4s8K3jGrrgFbGfYkFYM0FcYtxZiTLoc356sdArCKnP_bs37lxrFyGPYwsm1TpPTxXpA29MnOacvysqPVHdh5TtcWlPycFSiKAAVWeGSqMw0vbiPtpRCgBCSXUEizRv2Jsajq2-zScCR91ZXee5tzSq_TzJ1m55Cr9ECgWQzaN7fuI2yWDfHpzthVGLZltLdQi5f60yO97HsMWZADoQ_KcBjRQ4tiX3Y0-oYLtpmyMkWO94-LqXRFm0_pt0oPvZapJBzkTBcsTXRTS9m9ih6ndRg-QIy06UtEqN3ES5TCdlIkLctUQ8Ga048kRGJToD2QthV36Bh5gmjB1Ucv5yrauMrLdezrXpAZ71mpqKX6s18bhwTK0LF4cjlRChaU3LSnMOKFOyXTA43O_K4fuMIc3AzKytyYEP3Mrw9pmxKATqWMW61iWv7e1QH3Y-RxWjY86G8Z50Ub22Yy2pR6JNDGaA-EaEs_o3197aGtcLEpDdHvBYpeZwwulvK3RkIptLjG3G1bGSMi5CtBYGvw0dlibsJzrGcXxlLYEY9Tdj8tvft1WULbxGMC8t71DfL6UYB55L0X3ozabgD9PL0p_MndSB3hu0X9jHOx196U4DzvHfDfHtMc6-V-QClT94ec4nAUegFmKctrSum9lZGIXfbWS-8lCxAdb9llkl8HIC1RhYJ--ZNaHofgBMi1jU7CQftg8IcRV2D3Cn_a5vAEMNPGwoYU299EZQLgzEwsBHWlGn6GZHANm_RtQ6WpR5UtBNm4nhwa3cAToYW7SZ-idb6GDTsGXU_oK7pD2iVWNnQfjgHczo6CN4Q4aAnr1Eq48qeopnake5fhSfbvNNpPQolzKJT6_l1c47n4Q3e7_LnRC5H1dgUHIQ8NgsVlPpHAhwjZ9dH1iIdwY5VBtVgzOEGZMUBmoyP5buIFZLkQoh6jqSbnTy450KjyxMdaTq2udIH8iuxxCou1xLt5ilMlL8W76RzZbtbm5Re4h8U2sL23gOmic9y1KHY_DW-hdRw-SiVZy8czC7ehbAs5irEYUr3nUSloYQYBLe5HBlihjGJd1k5x4b-Wso8DeehwQMCrmC95otmxQivOmNzYQBoeouH44dHVFLsItJ0AsAAVPq6ZPZooS2kRPb4Zz7P-0ZoXsXiEJvArgjmLdHGmhthX6gDzTKQkfbzZVwVzdM0R2XX94JnhUR5SF7vfRkkVmLLspKxT2XNGoDsoSsdpgfnqXiWwYDQttOTxkZccv7KJV2WndKlO3FSsUo6hO6I8-E4GpZKoLD6pgSBDSs-RBo69CfDHsjkd55VzsXRnMacRlLfpL0WEbN4G2AFTeLqyrxGKo9Xgc2mWh61soWrRrPxXtCPM9tczIRUQEZNBzl0no1cr6v9JMeoQ5wecXongR6USL0sFvHfeGZjuEX9DU8zT5IWFPbuFNUWJFLCek1qzsB83xb2qFTjpA42oAlfnwR5eEIzr7gol4r8Hxbh20XhgyJDtwmOORUU5Y46ftAyusXzLqWEqaFoR7SLP4rOUHoS1v69xJllwZ8mAQet76yox6sqNzjW6zzlNBGEK2UPNPDRVZvz0630PTq08nZ7n6AaVYdUCsLqFMbN5hCUSfi4QYQu58NoaLB0xaCMZKeZ4Ww--soinuch5fIIWL8pprLmEgbe6B1spkkcMz6i2VzJa8nhoOJfU0dDvjIMLv8SLd-RV8vUwHjJvbwoKszenaXx5PY1vi2IvEJVQ5LcsP-Q1kVQ93fHlWvfaXVPJ_ixhwwL19Y4yxY2Aj6x7uwm7oq3vY4uQasFJnaXAJL9Qg-eivxsNZLdqUGwNdkQ7uB20g2OyWAUwr_WuktLQ1OHiG_aNH7yPAef9bJP9InpDZv8DkYM-O2uHTpQZy3Pe09jIdYMQfbd3nAwwavfE79DgjctdcNQfsjtplTEM1OyJ7Ij5npTBBDdlnvKMwAjeEgB8FoxaQ83_ABOkMI6BhcgPsD5d3monmD6C8VJwKgYcuZwLQ0SEf7z-Lz1kqegS5Yfm2kRBDKbRAgH8hGrJj4GVOzHhTySdyCkkZ5m5usTfz-DJTUtPAj6zGlpGmk0QAUBROB4Zxksdy72CN17aSa3053G-pMaRx2uFVGnpHbmZ9s9KuGWjEtjOqF3rkrhjsoVlMXTLYgDPYYDeG3cg6nHGK10DfseLRX57hQGckOvDGQPy-_JdgtL7BRug5o8OLhpjOg2Rnd-8yMdIRfIiQjOUSc9BxTOefUlylEbzMaB4m0liG1zSTmaR5h08-IyRYLboWdUQ0m6zMTCiROfGXnvxLw42oSUHPjyhHtweIrJEW5zizJQc_CIVHyk9b-EtYI4QW9NgWFnkClOubZTjaVUIVmML68HN4pdiDhfe58LNcmztOAiGRrKwtmLfp_q2ZK-CMRDfTjgJptTP_r4ePemv5XZNlih_JGcfRJlyfdIQvEjHE5guV58rTQE59B_-V3rKZbw5Cu7oFq5lIjBmlS1Itt4FCD3gGKR-AKIOSOnv5ZIoEUYQVj3-eB4cRFma4GBOxKwW42KcVfqmpKVVIDBi4FD9VejzvTrmIU_WRJ6JFhyTTlKDyCABZji9_kRh17DcyA47uSBYAVtAo7iFBbIB5Lar4XxeFW0P8iUnyDWduUbx6UZDbOkzF-zwrHlxztiyByymJJrdfm3ciECH2UA9VC1x0yVUDB5gBaQPLPB2AQmCKk-Aule8qsQ0wfinVoCWjmyZGgekByhaSGmVuw9hd_2YemeAoLk4S_od7fh6EPzSQ3jmZhoZ_GicXXmkJQh_RklQOirGnIQLaJdFc2mD_9IKMRwQlu1uYBtTwyFK5GgyVpfLmKG_umAZqhmF9nd&cid=CAQSTgDICaaN5cipSat1XOzUpL0NtG-HegCQpvatLvcDFAfKnuM-YmVZtrZrMw8Ma1ChD1qL1_AKpDkJwluSTdZthES0eIcMXJ2QQqW4gJDVhBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgekka-no-kasumi.com%2F&ds=l&xdt=1&iif=1&cor=11106681020831543000&adk=521587873&idt=397&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f1f4e593f921fab2bcd47af225853a0126e5666549117c32926640790607673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38957
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 30E9 111 KB
39 KB 240ms
72ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Dec 2023 20:46:39 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 30E9 11 KB
4 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Crhs4Bpozm7tCLN1Kz-NPzNJGTq9wkubn44xRlTFu3CwY4SDB2Lvvym3Qo85KX4m5UMHpODNc4i-qzj-kApwCq2T_GksXwK1lxtDTSN6bdICYn3m6gIEQsRamfO-hrTNIrVIdSxPWEPplrBgi1zvK4TszowL5BXWn5jEJdPkf7QQpUgUo&cry=1&dbm_d=AKAmf-BneyKWmJx0ZxauUa7fInyBaySEPs2o77d0qEBy8X1KZ0SntWvDU8Lnq75pAqz8W8YAp3y58XVbyO_MBU_Zh_URa8iyKA6G8NjEM9JW3s9TBZllixxxFphd1xgXqIUmk2Qv8FwnN5-Z5Ws9AK83z374bCfcWzHdekhKKbM2XWmd2L1HZmJpbSR0RwXlF33fP192C2OL8JugnMBjNzpykRUtEoyGJo81sE9K_l3y--jusM5eaC1vG8KRVVrRXFeR_Mm1jgc-86ImmdYWRabz-HVy4sV8ZimX4hAzyWQyuUQRNBnU0HEhvevTsgUl62Mr3T00JQ3lViGtVsb9Rppp9c5m9K5Veb22713qubXSo2swAmF5xo_GmKMuG1EXNo0qnBxOvrOu5JwMXK5D-iYRZiOuSPVGdY4Q3mxX2pxlzznxN-jkAHpO4p69N8DgKwOb03CWgHzXuQc1QQh_s27QzmaFtvEMc155CoEznvJKfMqIii2IXh5eJb80n5hSPfOySK6sNLDXfyWGsR00W92tfL94orr95E2Okad18VOwa_kIP4wqMLYP-V0vKL_fO4Nz0buTnzcfCv0_rPAaSolane2Jfck251fVsHwPFU4Fwr-QEY0zYk38qo1kaBabztOrKHCU1hOO9q7eBk8fFJ5sbXqhFY779SgJ3cbnFMYPiQpO7ZZ_0PMKg96S5aM7Cs9IIRNFW-XawgOE9_uwNAcx3LWt0g8WPaTn0SFtQZ43-d1l4ECCuRzncNLZEPtONu76D4G2qvWSMAQIr24HWZCPzFw2rC3FZC8NhAmZHf6jToApoglqMCVIbWCbtMDkt7ZOHY5Txaw-lgsglwsHDDYkh931mDXOJY8MFGPOuu2zjr0xfPaqHXbHe5cwR-rxeUaUBm3QuMRkUxueRamkSoouwIU24JmoWwswzlTnISKXHdvx4ImazCAuZ3_tRh3towubyPeyyu-ntR_x_6TmkD-olc8Dq4IBdhRkzA9ByCWCSf91eN1kZQX3LtU4P8bkvd3xK_iCl4mMGOGB1uJZiGNB5_zS4Z0DDrIeHn4jyVqtTz1TbOB2nXT_UIkh7bqJJ4DfzkKyLkh5v3S4TWbg7r83j3QDiG8MbYN_I_9nMjNLMXiEsgu_9KunGPwYKvBLszg_AYt7-78cRahYXQcGfQbVQKgkUoy0mNyjN_QqRKtodktmWBR9WKuu-bGBeJzc8Yd-MlDFZ7gsuNt__PWZZDjue5BXYMTD-22xNV7otDlX5QLe9TsqqNR2qUlrmW-48viDk8zWNk47kRzA_4nNzTsHyMy2_PwDpViQAEMoq6VXMMQtooa_F5nY2G93qfFTMIkV7woj4FdmIjvKNv2kPzfxo3lCFJsIpRXqOIpGK6BHKjTi_st6yJiGHfXpRmfqV0a4AzMdYx4RSdqLmKJ5Chn8TN_jNrG5Wy-ySo9MCh_sj00dxiQL5ESYLbbSzBeiQg82xSLZpsol7ivbD7x_-EyudDnJDmYSa4_sWPDNNlDQwWvnArD7_DBcutxkvFFbb_Od9Qg5xXn-49grdzRifzgQgdijxe3lRzkS3egeaELc6_NklmRLFu_Dz2Wxe0temURjMYU54wNIXWo6lV6LGhQmxOtb30GCO6ktp03POqIz_mJavWsmEGN54FWFiLFcb7MjXz7qyuz0ZvGq1oYjFnsFS4LcFgHeAGD_O-8FfqW8NZtBkbSjvKOG--ZohjRbk7Xwv2vrB4Pb7uk2OuX2hc39ITqdvYXyXleS7fvvP3vOvlOE-9XZXl049vJXsW6b3SpJq3pszH2MNQRhVAZfqDHig5mP83YhCc6np1fCVgs1cHRsPJOfCyecac3ww7KTahqMrsXKM7Hg9r0s5zdpc-cQ1bGlb6W0XoQedWKAOMbyCUsZss0dKMHQvygmiKLdKjVgSOCgRD5mE_VuYvvWm1aatwW6fWP5trF8htmJY3YyxAdOoiw5Ppg7pyzhY3oFC29Dy1CRcHPR2j5V37OEhs7fbtIx2rZvObx3Pv2x5VUMLW_qyC593muOn7D57q4-itwaHntnWTZPehzwvEA8X9QK1s-AJoftDgrq7-uMD44_FFqViQZ706BHN0-qPT8ljpHKURPWGclXNZ9yw8qo4Yo1zPot5pI-y3vAvNYisPFep1oGVv-cZoFpy12RJyEj5f-gEcgFHcSQ2x0SsoqBLabKBExxd5dCIJdfLgaO0kgh9_jf3G0ChP3ynPXg5sDt8mT14X4p2i6PWjSVmW-ahD7NJG99bzSoGpI7i3WVgyC1dRlzUDOR9Mrc5l-ZqrRRpZmentVyOasHbtUVW9xCPSczmIVdoyHbQdSJzXFa2molK0Rc55ZpWZveVDdxqPJZezZMwcYon94qvEMJXQqwsczQHiUGI6FWyX7RU2vr-Nv32VYfX49dQWwcyjpQ1pVuPvrEyqBm-OTo3hct8X5VtR2heH0o1Wp4PAgMzZmOSxGBdbEYLFKUzvCwGOb2qkAyANGYFuLJsjikGGwr6jM8ff7rgT0YTLIjTae6TOzFzykPFzomR_jn87vVwXrCSgrDmIWYKWGYc5zxCNc6fxrz71f0wpJZABk6qNEF5q40Uo0wNapZZQTvvqk-SdqRH4cO_9XRb9mmdx2pzEcPrAgJMq36qFTJ1kxdFZm8eVa6yj5tybyXXtnubWRbOdaqyD4gJZf7B8pmB9OZmyeYjrZQ2W_IT7Bg_5Wi5bsnp31Wt-6fbfpEowYQ1FVWLNs64Mv9QtmQA5IDT6o2w5nqzpyTkC-baACUJ_eVvfq1XWwYxA3Vp3o9y6wbSVSLBp6q0CrKnqTI6irCT04SMKfpwvCwm22Ki2YBiJBMDTPOzMi9dw9HD_jOFmRbkHvqfDAZ9BzWSzoSLvrXuc7NgumEvdhw1CbxXkSqn_VbTlDt__--oOY6V6pO75Wy0wCAoRMuzBxwNgHjyWaCaEvJxDgpbNPOY4hO5p25FSJB9EZ__m02dBnOSJLHfvXNtsICyFAEKKC5OdWD5B6D2FWGUQDvLVGYgSrjJC9NYsiQN-PU4OMbm8BxOaDAArzDfn0HZGTjMh-MLRrf836DJYos3Cm3Gt7HbAT63-Lv2Guf8CklGTtoYeE8bE6H5YWFpTzGqDep0RDAn0Dz1Gq_uaJESW5O_6IzyeXvnbnvGPyFMPBc35qy3kLtGxPHgr3qOB9ZtMhUXfLcZVcujB54gU-8lHgEC1NyyEkjIfRWofka70f4_9X_naKNTorsBH1qZqic6AIdIr221LM_WKEKnWAdonk6R_nIJLTvbe-XgU9G1qBTuYOH7LPQrui0BPi7jOTqlR4m4H5BFulXOJaZQ_m53bNmGmbiGp1vcP4bD0ZftyCkuMNdMvrbKSDjz9-x7RiGYvZCPSBapTe_uJrCtFVRy4hUyeVbJliNBHpghmstaKku1xFyNch0hg1rewWCnYsFp7SgEMolqCDlxWrLwIR7QKSxXfYyar7kNaPh8pHVl5PsReWL7FGJiaLqz43xDi14_0OqfZm7OuYoSLGr3GJoP74dSbNYAsUJ77x7P4PIvoxM0dZFZ_W5PIQJSVQB5u8LgOuPnYzO8cqT3ByAdSwp_O88EM96eFF9H4Qz9q7QP2xfrkSj9tmN3qe9WcKERCfrj96dBQmTUPJ00-PpfZqb62p2JbyVevrB4Ba1l-5xbasrlCZmuZxeqnj0IDhWP-w9a1OLu4syGs9qtmtM20WYqLrg2gWH88w7DKDXTSSxPRUDR1O_PqCVPWlwKuKKxrq9pGimVYHx9tFk081mvWd6tSA1JeQ3eihInjQxn-MS50cVx3OMH7ihiDqBFJ6PLytDQBNfwHFgUD-2FS9WlBiH&cid=CAQSTgDICaaN5cipSat1XOzUpL0NtG-HegCQpvatLvcDFAfKnuM-YmVZtrZrMw8Ma1ChD1qL1_AKpDkJwluSTdZthES0eIcMXJ2QQqW4gJDVhBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgekka-no-kasumi.com%2F&ds=l&xdt=1&iif=1&cor=10455429166766570000&adk=1726166463&idt=273&cac=0&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 14:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 14:00:57 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 30E9 31 KB
12 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 19:11:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 30E9 41 KB
14 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 153055
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 01:45:53 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 84E6 111 KB
39 KB 214ms
158ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Dec 2023 20:46:39 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 84E6 11 KB
4 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DfG6Y1jxvFXMGPnQxkbNgOGhZwgjsE3evYS9VIJEuHyStci4ieB6NGkH7sMbc81C9VkLqCC-tFhVNe8zbf14GgMZ3D3bmO1ygyKExm_UXr26ZepEdMNBzdJ-HQU5ceHRlevxojjNoBNQKQJ8m7XPuyhjG2h9bmqz4WsRQ2R7w9rLUBDxw&cry=1&dbm_d=AKAmf-BhTMFSN6Gr82uhltKsvu8jcxRFwOiUxd9ZsJAgUycedDwZwaPG_ZJqUV5B7-Wb4Rc4RI0Tc76wGjQRk_mXIJeXgbE9MVLBq_LiCnnuvos9LYBcTuBlcigVawKzMW_dvvJKFylDvqfsogh5fBYT4_NmzCvw1uh6ynLeCq6tkNg0Ta7e3U-riTuLBwtQE1fIrKZyZHc1vn5M5DjQ0GUx6sr73mCpzSyt7Cp-RV9CuEHSRtSc9juTjmPY3XdrInUPw_GTI5OW9KbMAN-zlDLaI6GuebSMIxN9wpQdiZOBOpBgxR3xK87owTtUBPjyZ-9ZPOdkbqWeaRNQN_CVGzibJi_iKbqs5v9GfGgTzGCQjgPSwDcSXafJta0xmqAZ3-Ddz-SduVlKfKGO6vgWCY_1UWd8t99UevfdVKsjNsA3S1-JT25atFY5bFgEk_AHWD0o4xO5r_ZLz1GbJu9Uln8leE6d25PdGFBYjzQdtRoi6vAPaDjJBWXdMPeyElBg0mIbqg70L5a0jHUHjG3pcayO7hkfvcxd1tUpXwRdqpeppBsbMC1DJ-h9VwFxM_p6kO06uY58ILjLFsHVz4-mMiEfKYgfD4epk7XEiEXvdVEL-Mxdi7JIdrOMU8VV6lHwnyKNN2LFQMgGpiQlMZVEL_FFriBTG89dDvIs2HV3qRBzdIyfttuiCMEJD2ks3f-VU-33BenLU0VOc1q5uD55rPfKbfvIEOx2YMWmrRTD0pUt63RFO8EYG1qaXPotDcN5H-8M952guvhkDvqpIL3mQ_ovUfbagO3tj7f59uZaRgexYUTwsfn8TqcYXRiW375LhQEkWxizYjUigbyhctxPYEPivnxee5oTsoMkxBLeGFdGmJara2JLX0XDzPCd0idBZ7xPRdjREa2fGTAZcoZzSz4qjxMvUVRGq_iBYRl6Y5ujIf5qzos-GKe_8g-lprygd2wD1x5SOzYwa3Ugy6MrHGGC8OSRWVXdBJ6fy-PL0CODagRsfIKckHMlMMdUl0gXZ4l4x75M3ZSCveOM-BDz61ARtxK5WsGCn84oH-IgCv7ijDqiX7_0Yn3g_vrjrs3dVBqNKNxACwF6I5PZ80SpN9-2a1ykeb6s60IyZhlgrogufj4ZCm-IkSy6IoMqBteNAxyvqpU2wfcOBvzJpLIn_4pdkw0_HZpdQnYswHintWMwWyUvORyuYxVCyxG9JDLdAX-WOhvkVMPcgwZeDCXMfFVDAxbgmerKNXzI-zcK-TtUDXlI4iLP348QSvYzBBlwpI14gQWwMxgnUI21XaVhraR2mLWdvJBjwmdDgqitVh9ydn0YAEm1lXhIZ6yYiW9Yu6o2jtRsisXy_K7M94SiRi-b2ogNhQ2r2PYt8PCZYPVKLvEYo1QKgMSAvdek6VfXNFuHM8GIXAIRSNSGQqJ8FogzoNhTmCsnjTu1zLowBkrusgSu7U9Tu-wZbmKphxsdMfrngWmfc3Q41R1V3yfs2DcinMXwBYosajCQzUqCw_kfTfTDM3SHeJw_3onN2Uofa5Ap5jRGFLYYvDzWXym-F1scg_6TAxoGeSchlpmFLHrNkKBRelF4fSLmhNePxBT5wfr7S0T8GVL1Dkbb8RXWR2Lem5ms-PfOF8iOdjrB7zz4enqlrESPEz3PpQxvg0x3iIINhg4eRnDmozdf3Z10TTZqeq_XJk0JB779ycmq9c3CMVwFVZkGIuLgpKBVbweKmekkN-Xz0Og36YLPSCFToOee8B1Uuhc74kajeSAa2xvYWs8HRmM_2MXKC80EPOv5fN49LvpdUyaAKDi7gipSqLP4F6HIi3yqyhzGM0SwBxHWoRZetY3kJv7gVN9Mbh3CIwUrxad_yHSPctZR731X1cOteq0G1oI7XLpIKqUJDrh7vPfF2WL8S6p_hnh6OafgQMp380coPACQezNui7CSfLlTezEdQfkyOCkoDc2LDdwNB4zrtlV3wpn-zrC8vjjg9KGZpadgBjs9bp3p9Z3NvtQPO7G1s9hG0ZCMgVPFgY3kR1Vyb-p7biRP9nbd9B8Truv48OIEY-kdSFqIOxj3eoTrsTWMejCor7efle4FX6i-Lq0pTcESVes1fNG5a1Sznvsqn_QbezLwHhddtyirP35nBz_EZFakpQ5Ti02E0tOCVuOxPfY8tLym07IpNd69nwdRaKzHKljGE4pbQCARNreOQXO3YERqpIT47C7h5n9UY4Eh59sLvduiG03vTVdNUf-n8VCIe_evb8AZl7QpoBUecc2eXUTgukh2A8S7DbEoU_t8Kl7J3Sol48m73JAQhtpw5RPaLDDYWpMjvsykqIo3FDjDTjUBIEx3rl88xzfrnJaPDTl2IYCvSn35nsKipWLgvZiOuCMHZZdxQ6zTLS_5gDaH1fy-gGnjHiaSpWB-ezt3HJruuYRN6yk9OlXd54LSkn38tyg0IuZx0FEov9QMI6NZ9koeh6-r07X3hdnbjB1oh7TNRhx2u3pJtHul3H7n_x157GcHF3XaByCDs23CGjCNJ4XkC0KRa_cvjc86E9uYGpQ2csrJl7b8qigKwqiprIfZVXOI0_4HLHyDg2jS9bXvRqzQ15wLsLAPTc-UjRbccItfyWkHlJbi3TSkxMoJJG4RTziounAccQdHYA6S2i31BfCYzIDo6InVDOX02s8lXGMPEa1Lrx2sXEPLTSyLuh7-3JqUIqXwxFyTJhCGGmHU_GYT09zxuzd8l5sVHE9DUiFvWAk-IgV2RbBXkf82XvVSHZu7ePyuaDrRRh8nQvo7Ghx007koqpOXywEWM23NiFlyKzO3QmTvDw5rSEJa5gqkcFiWmcjk5JUz44MWRtUmWB2LXVohDcMUqQpwpQEyKH4hCOaU7PsD7NunvuHgyD-M1ajPzDB1BukriF_xdGKUNrunULYFZzWck8xsSjhRUHpWKEcvfB0oSZqQmOnxlWXFwxvEekoGc96QDx1cETyj-gKXy482NRtdljHoJVw_2xfN807hQYPpdST8qFPWvJ_Fku16kBytT731WZKyDaJ3XDmStmR3rDXWq9qnnJTfhCd16PWafcFnoTOSvhbD9amHZ8sIGBhyufY_HGoJIEROh5-1JXrU-JLSL_YY62UbiEa5Vi1bkxRibh-UVqMRoghZwyIdOGBg8YnCtlEgHZ001hwQ19n1ibbblPtdby2Pjebnj8EnBW0PT3jcnJkbEbavTwLugGRd4zgBXeXAg885TuX8Ve46Yci2xgLcwyTZVGp3-WQAFhMbLS8ackQH42pDuExdGzIV10pF-IdEcJXXnE4bG--c7kyVWkQ5lOLkf9DBwWhO1_jLacSKpgfp1RSLurexT_VcgXSAf0bbP6DL3c55BkP4tBJrc3WeExlK8vu_hmGXKVbLncC_aRgo-YisMLXsUh8YyOr39cFrFGMiovB6PAIxobvMx3EEdGuaummrSi7ghbVDXeMb7NCEx63w5X3l4A7jc5nc4aNHNRI5a7K6j3UjRpwY5IqvZfHf9zE-T3xuRdrwmKn-0RVgQyvO26AEKbl1sAcX45RtVejMKlLv1vxYO9acEQpXsbgr5KxYkOdnJz8YXN8w0cfMNRuY5UVvsp7yK0L_wuxUSvIpFyq-JXPQ7XtbJGOe5ykuwsZIuCCfE0PdV1jJQFNJ8b5PQBU9NV9pEXTxnPTF6uAp5L_r7Qu4tAkXjbS_RlWENtU2j3dVKPtUS_ujTsW61chYPH6cWcasbVtCzNkbAky5l2AH8t5enKiOvjcrZvW9jiJsEle5bDEUVVuhHJfsysDakLf0M4uI2ZQpeXtHn6L5mIsTQ2vx8UsrdkjLOYE1ZZ11Z9K3DUa8QOSfJ3ekkno6Y1ii&cid=CAQSTgDICaaN5cipSat1XOzUpL0NtG-HegCQpvatLvcDFAfKnuM-YmVZtrZrMw8Ma1ChD1qL1_AKpDkJwluSTdZthES0eIcMXJ2QQqW4gJDVhBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgekka-no-kasumi.com%2F&ds=l&xdt=1&iif=1&cor=7285942898818585000&adk=1877897942&idt=270&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 14:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 14:00:57 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 84E6 31 KB
12 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 19:11:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 84E6 41 KB
14 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 153055
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 01:45:53 GMT

GET
DATA 200
OK truncated
/ Frame 84E6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0df8f36c85be246cd1f54f20642fc682c61d19784656eb35d11af61f01e4bd40

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 6583 111 KB
39 KB 201ms
201ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Dec 2023 20:46:39 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 6583 11 KB
4 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DuBnMTYGNL6lD6OiT0iFkAJ0iqTnBq4t7UUBeZYJwbOCZlSZATPHuh_meS2O-qh6LFtjvjJxWTihGe740S-ITDYYZQwf46sSMB7FwK1nf-QlkLu0Vk8mmjDBCer4PgRknPpkOT7dEPw3QIVEqyktHvN2cpShsnNM1msSdGJ-rjc5I9n1w&cry=1&dbm_d=AKAmf-CH8EPI0xGH-mAHAFwWJ-JMqbqpGwQdIjUNo4kpe3CvZ8ER2H94JwH2c-ZGqX37_57k9RrpZrY9ctg9sEjf_3E_V5pkwvYN3IRU0SM7sOVSyXvcCbPx8h4y_A_VE2DhncQ7C0kWb0FOtjZFqrdWabNCZosQnq_V1kZe03a1zZyMfc6cpSgoxB7cBRe-lO_8OHIqShh95V5mbV-DXMccXQb8tnr-6-8qzw0peS5h7HtUb0XxsmwvQOI_VBw_nHrKnB_bKxRAdLePVDZDKMP_jt2Ci_rH9MCWORsykZONECwnde9PRKYvsdaVHStmCiZdGxmASJFhrEPZeyjQNLMJcsUBd9D_Kn1osDgu8GhJQcknct-NSx-Tg-AUktaFFRfPGfbL7a95-OZeV_GmpIdPFPu7yTI29iSg2tOo_oEy2IkfT4aT7ZI0ZqsiSrJIXoup5KO-76AhWQlKJ48Yxt1As8CZKTe4syTgWHBhnAnNrmGdvnGDo93BAxoRPwLE7mggQfGbZl46WDjCeeN40vCbbCZ8oi05-g_gh85SkT1xKTcUFNeBgvuV-AEtKcCQkF-j0Ouzi8mx4fM8YQ1n-8M0G9TfSeu4psqj1alJ5eycywAbbbF_FxAgLI1mxMDsb5wI3_NqNMTwLRZVUnohrU9pApb6MsZKl7NwM4Z33GNUkEVBojV65Drc53G8d-G0jrOD_HnBXcRj2hhOc2LtWSm-6Eh3Bw0_CNano10mFEzJgx7C49-Zw96Ims0q_oTc5YhDHClu0OA6Fk54-I2n_mbpgEFU5wST7YeO2_qk92qM4IOFh_UYji-e-awq4L1IdqJ0yxzhZyAsXrHV_ULBkhhvCEyphMPx8vFuYc5ToC4QaJDkP8SncfaNb2GkEVmQMr_nl9ZzT61pC2s1BEp1mdc_INCOBIRlUPblxLeuMhB0b8sgwRWAuLwsiHfDGAo-6kAwczjR_cLw2waAQ_RK8UBhCN7A_lKdResF85zgV4s8K3jGrrgFbGfYkFYM0FcYtxZiTLoc356sdArCKnP_bs37lxrFyGPYwsm1TpPTxXpA29MnOacvysqPVHdh5TtcWlPycFSiKAAVWeGSqMw0vbiPtpRCgBCSXUEizRv2Jsajq2-zScCR91ZXee5tzSq_TzJ1m55Cr9ECgWQzaN7fuI2yWDfHpzthVGLZltLdQi5f60yO97HsMWZADoQ_KcBjRQ4tiX3Y0-oYLtpmyMkWO94-LqXRFm0_pt0oPvZapJBzkTBcsTXRTS9m9ih6ndRg-QIy06UtEqN3ES5TCdlIkLctUQ8Ga048kRGJToD2QthV36Bh5gmjB1Ucv5yrauMrLdezrXpAZ71mpqKX6s18bhwTK0LF4cjlRChaU3LSnMOKFOyXTA43O_K4fuMIc3AzKytyYEP3Mrw9pmxKATqWMW61iWv7e1QH3Y-RxWjY86G8Z50Ub22Yy2pR6JNDGaA-EaEs_o3197aGtcLEpDdHvBYpeZwwulvK3RkIptLjG3G1bGSMi5CtBYGvw0dlibsJzrGcXxlLYEY9Tdj8tvft1WULbxGMC8t71DfL6UYB55L0X3ozabgD9PL0p_MndSB3hu0X9jHOx196U4DzvHfDfHtMc6-V-QClT94ec4nAUegFmKctrSum9lZGIXfbWS-8lCxAdb9llkl8HIC1RhYJ--ZNaHofgBMi1jU7CQftg8IcRV2D3Cn_a5vAEMNPGwoYU299EZQLgzEwsBHWlGn6GZHANm_RtQ6WpR5UtBNm4nhwa3cAToYW7SZ-idb6GDTsGXU_oK7pD2iVWNnQfjgHczo6CN4Q4aAnr1Eq48qeopnake5fhSfbvNNpPQolzKJT6_l1c47n4Q3e7_LnRC5H1dgUHIQ8NgsVlPpHAhwjZ9dH1iIdwY5VBtVgzOEGZMUBmoyP5buIFZLkQoh6jqSbnTy450KjyxMdaTq2udIH8iuxxCou1xLt5ilMlL8W76RzZbtbm5Re4h8U2sL23gOmic9y1KHY_DW-hdRw-SiVZy8czC7ehbAs5irEYUr3nUSloYQYBLe5HBlihjGJd1k5x4b-Wso8DeehwQMCrmC95otmxQivOmNzYQBoeouH44dHVFLsItJ0AsAAVPq6ZPZooS2kRPb4Zz7P-0ZoXsXiEJvArgjmLdHGmhthX6gDzTKQkfbzZVwVzdM0R2XX94JnhUR5SF7vfRkkVmLLspKxT2XNGoDsoSsdpgfnqXiWwYDQttOTxkZccv7KJV2WndKlO3FSsUo6hO6I8-E4GpZKoLD6pgSBDSs-RBo69CfDHsjkd55VzsXRnMacRlLfpL0WEbN4G2AFTeLqyrxGKo9Xgc2mWh61soWrRrPxXtCPM9tczIRUQEZNBzl0no1cr6v9JMeoQ5wecXongR6USL0sFvHfeGZjuEX9DU8zT5IWFPbuFNUWJFLCek1qzsB83xb2qFTjpA42oAlfnwR5eEIzr7gol4r8Hxbh20XhgyJDtwmOORUU5Y46ftAyusXzLqWEqaFoR7SLP4rOUHoS1v69xJllwZ8mAQet76yox6sqNzjW6zzlNBGEK2UPNPDRVZvz0630PTq08nZ7n6AaVYdUCsLqFMbN5hCUSfi4QYQu58NoaLB0xaCMZKeZ4Ww--soinuch5fIIWL8pprLmEgbe6B1spkkcMz6i2VzJa8nhoOJfU0dDvjIMLv8SLd-RV8vUwHjJvbwoKszenaXx5PY1vi2IvEJVQ5LcsP-Q1kVQ93fHlWvfaXVPJ_ixhwwL19Y4yxY2Aj6x7uwm7oq3vY4uQasFJnaXAJL9Qg-eivxsNZLdqUGwNdkQ7uB20g2OyWAUwr_WuktLQ1OHiG_aNH7yPAef9bJP9InpDZv8DkYM-O2uHTpQZy3Pe09jIdYMQfbd3nAwwavfE79DgjctdcNQfsjtplTEM1OyJ7Ij5npTBBDdlnvKMwAjeEgB8FoxaQ83_ABOkMI6BhcgPsD5d3monmD6C8VJwKgYcuZwLQ0SEf7z-Lz1kqegS5Yfm2kRBDKbRAgH8hGrJj4GVOzHhTySdyCkkZ5m5usTfz-DJTUtPAj6zGlpGmk0QAUBROB4Zxksdy72CN17aSa3053G-pMaRx2uFVGnpHbmZ9s9KuGWjEtjOqF3rkrhjsoVlMXTLYgDPYYDeG3cg6nHGK10DfseLRX57hQGckOvDGQPy-_JdgtL7BRug5o8OLhpjOg2Rnd-8yMdIRfIiQjOUSc9BxTOefUlylEbzMaB4m0liG1zSTmaR5h08-IyRYLboWdUQ0m6zMTCiROfGXnvxLw42oSUHPjyhHtweIrJEW5zizJQc_CIVHyk9b-EtYI4QW9NgWFnkClOubZTjaVUIVmML68HN4pdiDhfe58LNcmztOAiGRrKwtmLfp_q2ZK-CMRDfTjgJptTP_r4ePemv5XZNlih_JGcfRJlyfdIQvEjHE5guV58rTQE59B_-V3rKZbw5Cu7oFq5lIjBmlS1Itt4FCD3gGKR-AKIOSOnv5ZIoEUYQVj3-eB4cRFma4GBOxKwW42KcVfqmpKVVIDBi4FD9VejzvTrmIU_WRJ6JFhyTTlKDyCABZji9_kRh17DcyA47uSBYAVtAo7iFBbIB5Lar4XxeFW0P8iUnyDWduUbx6UZDbOkzF-zwrHlxztiyByymJJrdfm3ciECH2UA9VC1x0yVUDB5gBaQPLPB2AQmCKk-Aule8qsQ0wfinVoCWjmyZGgekByhaSGmVuw9hd_2YemeAoLk4S_od7fh6EPzSQ3jmZhoZ_GicXXmkJQh_RklQOirGnIQLaJdFc2mD_9IKMRwQlu1uYBtTwyFK5GgyVpfLmKG_umAZqhmF9nd&cid=CAQSTgDICaaN5cipSat1XOzUpL0NtG-HegCQpvatLvcDFAfKnuM-YmVZtrZrMw8Ma1ChD1qL1_AKpDkJwluSTdZthES0eIcMXJ2QQqW4gJDVhBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgekka-no-kasumi.com%2F&ds=l&xdt=1&iif=1&cor=11106681020831543000&adk=521587873&idt=397&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 14:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 14:00:57 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 6583 31 KB
12 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 19:11:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6583 41 KB
14 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 153055
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 01:45:53 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame D264 38 KB
13 KB 73ms
73ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
age: 127505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:51:43 GMT
expires: Sun, 08 Dec 2024 08:51:43 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame BB32 50 KB
19 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 15:39:12 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame ADB2 38 KB
13 KB 73ms
72ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
age: 127505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:51:43 GMT
expires: Sun, 08 Dec 2024 08:51:43 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame BCA5 38 KB
13 KB 90ms
90ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
age: 127505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:51:43 GMT
expires: Sun, 08 Dec 2024 08:51:43 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15312430290876930110/ Frame A5B4 8 KB
3 KB 226ms
79ms Document
text/html 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31c9cbdd2680df18700bfae8026599481379a9974964bd3b931a4da8411d6bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 84565
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2762
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:47:24 GMT
expires: Sun, 08 Dec 2024 20:47:24 GMT
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 30E9 0
0 297ms
116ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssaLnFgpK3JLNE5qkBMFSuim66mzaWqOevAhEl9dfG8f0nxloFCtmwOIVrvcIx5pV6gA_0j8jB2djntXpf-MJ338bxVn_cZ3WIVX98mL8glaOTFF3NmV28jmWPLW3vFGI9ObVa0hlu-jfFFQIp6J9FJ4wDIyNK4ufJkXoG7yp7eooZ52TBgIeEO2vOapjjdvj7eIGcSyx9qtKcuWU0ny806Mg2b2lCARZIIpDefx6YmYXMKVcdl4LrL6pjDzMIoK9mEmcNzWarYolEXJBr98hCiJfHzB0WQWt9npnrT9hKOHa2_lQXUbQ8zRFBdU1vwgRksNUk66jVHSzqDykmtoprKGepe2p2qeZ1ifw5Dal3I3mHinUtcv1X9LgAzWXsnGr_rJNHYMXQSMkEbJ5QBzZZToP-yeR9VKxtMonuRb0QdSBIlCTY3y_tRzQHGW3J9Mzlx9Z0_4F1_YcDkmyqOMTSw-idBIrS94brg573IDUj6wq01M0GLmGayumvrbLi3UAMAAUl13vCXSOyAh3RrmtsnNSRgBAWEzEkmhrbLKHxC46ihhtGg39kIFWVQj2tVMDFyTf-0UdI9bInS3XMq5gYIQmm1kHFx4d0qIWad5CS1ak70Kfp71e9H6FL2sb9LN2q8q1KoDWSy-jGMKuXaMcjHPbe3ElrJmvx16VHk0SZT2a1KDdDRdCSB9xCni-eve0wo8hqjXHkHtWk06DTDSEdoVDg6ds1JpQehhg1dC-oU9aZaiiir5leMImXXPf4fzlQDciM6DDUJoLPH-C63oe3xUxlbazeYE8WduhGxrlblgppTqWiBLUXaw7mAjn4qeD0kMe88cs0g9wPr-zoubkDANU1Njn4H2gv9kxMIft6i-_p4Eb6kVctLaAiaoueDOMBzFLOiRqmHlcImBgLIY-6SvMTErOafXccgAxnq-i3RIBjqlAFmWsGBRakTkYspu9MXmAe9n3ih_eM_OnpIxMBFvKh3_KlsZLUzGERYpt3LQHBlh5pdyUEPQgDjKak4p0AidzTXh4lLmqnBTTkcsesVTOM4tveiyXiXBo0xYR4-EynS0K_ShwhY-KgtaxdPtO79a5xPe8GHu4AfPDMGzhyWnTzXNbwpglpC4Rs_sJJ0RPVogdCzQcW_e5dgvRaCuJQv4uP_VAQPoU6kHBgO00SR12BxV5-EN8EFiPFcOEikJyzpdn0z82Ifg7hxbueAxLRTwvbuRk2tk3qAVpcC0RwHAaKLGvARncqprHjPJ5gVrLLB7fV4ZQXnmgaYpvqam7E59NjQ6zWEXOaxn18i3Vrv9goccS-BXyWpOv8alol1wyJHN_7avEHMBrfbklHNO8vPpRJvSQ&sai=AMfl-YQJO4OXDnO7VMudpROuKGRN-FsIRkG7dq4UAOkmx0X_vn-E_few8y4gO9375CInbDm4hp3XD1M9VLqqZNLihQHrg93MLnCqlNmQz7oBT0Mk5bzk1PN08NpYrvwnT6Yr-Cg1J-pXPysdO09gBXu_6rlhnX2KWhkP8nxNHD4GbT1RIwy-xN-JvlJmm0LHPCEbu8aL50aggITvTYLVcaHhWZxPO8hWIe2QwfzyUn8CQJo7vbdvcB0uOFtVP_S1lgDKwnCcAqb_JXZDA6yKgZM_FxRTC2qWVSOZ80YnCg&sig=Cg0ArKJSzAzcLPb4IwfCEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=433&cbvp=1&cstd=430&cisv=r20231206.23726&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 10 Dec 2023 20:16:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2685014804156549817/ Frame E640 8 KB
3 KB 217ms
74ms Document
text/html 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b64b933931e3e0eb6f2f53046293ba8a88476634c2a458117bf8d59597b766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 84854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2761
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:42:35 GMT
expires: Sun, 08 Dec 2024 20:42:35 GMT
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 84E6 0
0 290ms
114ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstszUyDXBKK4Vev6DBMJpDfJG9ToYKBfebiLbxCZpp5SFFUt5zbGFremVxR7mG0k3ZMZvZKb3UuyMAvD_WSHbnlE2tC0ClRfCjvXHKgpo7VcAdz_HTZfzGEP0tSKgw0YusAyzhOQoHSwtIPltcwx5Xv1OyAWoSoJDZAwpmBKwthQO_H3tBSAn8qHTkU55zo5qSUskvJnTiZzDJm0VpqUZoEomZTL0RAepn0smNPoZErsiNSHaFQOvJfKKRWUyiYOuNyrN4TDMRg62x1eXVt7UzH2LeGn_2pl0jG5fHi2PrRGzYQqrPzTOUGQipNKQTpVOZLnX9gQ4PCoZ-CHKJdd2zOQBG7xNxhhXlv0W9YIurfrWgHnHUqNVYfT4StZ9B_YoBaaGhc2kC_a0rn-si2_qT28h1we5qotgBf9W0mvQ1PUKejvJWFcozpvheREfYRWEzjOcbqQ4JtJgPe3npGw6XRWJ3MKsZzD9pi5Vsl1awH-Tad0lQK_ef7_jK8GdBdPSVkyiLGs0XzlngTKtzoMhMAXLAF9a1oRdRSZtt3StT8Ma1ARo3WQ8IyGlp38rdV1DZtxfh8CQvb65lk1sJ5WVBlkHkxf8kw-yJzOKjB9D9v9Bofmp-gebCOdif-_nrAmKm7ykKNo2tld996AnzZhEzp6OaTgqvwfqJSFhdLd-3dXYbzhD2CduA7TO5RcyBmcuCPyf-XHLMnQGapYNLuPm61dBj-p-kaGiCIKZP6L-ixIiu-dVS9RoLnlY45U2Clh5gzbSyWB25Yq5iEBLsRTXQfbE1Jq3TFJWZ0QGgVQgDPdBXjmDszgdsrpsufFhlEP2ysNJkwAnONvVdXUgK7kJ4ptHLZIbbCHi1E91NYl225MzKWT54dm_N5_oFYZ_vmE1p3xOl2ah0HxrPJYx_lnDd0D4CKozxIrYTVSA8IpIk1KzRuALnQsEnnhVQIsQnaa7D9YnVOC86kTiYfJ4dOSRzZ2TEA4PocC9Nd5M08gLRt_ewRre2NP3iNaHlgoyvnyi2GYPtqNNkIMz1AwyhB164famQavdui7UsKhjfui9zezyv1_vtJmKpE-D_LJXjP4WzyCGlm151iOHAe-v99XvoyuoTz9_YqFctT8vpSf2c3xj_fYn0KA09-7HJTWbs7MhpS6wnbYPATHTxrpDFyn_oHirtXJUUmMPXjcRowGpqtSF99rWPnkddK_048Ap1jsINUh7XtIwjGzIGeseQuBIbt_BcHUT17WUrwynpNy2lGWesXuE42Ngd4lY1w-C8vjpSMZvJL1RckK1IS_GZKxplX_Y4PK9JlvtzMJBr29zo9peAGieQAMzELNaHXUziPMMAH93dg2rqq&sai=AMfl-YTvrhJmWvnWGpLc5cmOPbsPSD22xw-TOGN2g4e0qTv4qucojSpXod0e2Ekk9H2Yq88RdAbQ6Gz2kwBizYGSxsV_AxNIsLMkxJKGN3IEltHeqY1BS1IIvOupUMOFQpnZw351uQZ8xO0hlMl_PhvPzyoWKj8jS9cXBA95mLJUpJOHl8nbVaLosGxbv9vMjcqgf0wi3vJtd9xa3_R-ri4Jazwq1LycLtCY2WhNpscGt2orbJh3MAg1QEmeXL_BHKjgN2Ss8YhewAhVQ7R7qCzGB_XZDqX8hoym7nG4xQ&sig=Cg0ArKJSzMdTR4t3Ug7rEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=324&cbvp=1&cstd=323&cisv=r20231206.29076&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 10 Dec 2023 20:16:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame D264 39 KB
15 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Dec 2024 09:21:44 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15312430290876930110/ Frame B833 8 KB
3 KB 202ms
84ms Document
text/html 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31c9cbdd2680df18700bfae8026599481379a9974964bd3b931a4da8411d6bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 84565
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2762
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:47:24 GMT
expires: Sun, 08 Dec 2024 20:47:24 GMT
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6583 0
0 264ms
113ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstASZInKMTf7m8pd0dbdxxeat8gcON-V6LSoePfHp5ULDX6-YvB4L6jeFVtVqwWTEsfZ3aSu7Rt6Kc57gNtHwdE_xxm95c2_T-6imRiKwY3t31sfgx_PKvdM6aoHM5eGWI6biSQnKJZKgLl-w83IRVy5ovEejVmiCoQEwM0mFkO2st3Postom4q_K81JMbwQGXBt7_40RJpHL8x05aRakW5jLo6J4dlDHoXeo9o0WWEHZfkHYSBiQepkr8a9e60P9RQ0RmPi0xCBj74SZfpo1-duxIipmp4Pu-HEdgl1lC_ntXEtGu20ocP7pg8FqXHwjevToHZ6omUN3aMvF5N4Gbe8_7n8wKPdqxZUSnwbC8BoSktS1vkE_Kz7ABi57wbX4SQDjEgqh7ss9zaRogSPM6bjph2BWEe2ziir1SAqGKJoGPhCm-HL2Qxm7aqDUhilBQsupMMbHRhFRuCrldGzVBC1qiHDahXD2EsBAaqU_4bj02KXxHw2nbCueJv03cd0M5hmavjWPpJyHMYe9GoIPxWgMPeW17_azACByAIifxySehukgcba6dMspn-I2kDVMwVejHDpctiU5dEQgDr3BxZZUt4hzHQT1xIVuX3Wzd-GerKUwoDsuiysI-AVaJ0KSVM-TgRWo1gR7ABR_eyRSNbpmW7tBAv68C8LSYRIMoQJq6gTkgO3FX_U_PN9BF77wnYxPvBPauMBvNraO3GDnma4SluWy7Lm9D8Lssy-loiLp7-IDGbqqCUdZQ_jfaqpOmcW5myhWAoZmewIJPXGtdSiZWjPcpDWQiE7Nt4P4SNOntoYMg80RF769TcbrPT8vRKZdiBUNX2XV_DKnqhEZFPdnUpu0Y70Z9jMdSJvJC4l-lE2deiG9T6qmZTZYdMdE1eRU51SqytYK4VrjFJIbi3QZ0FGuiCrgKEw1fiZktdc49zvo7Tm83XFDYs-8k_6gOv7VTya2ox9_F-yGeO_DF78cidJRUS7b2ZSWeV3EKYdNHzoK8kcRISFrxnumAmI0nY9vrMVAinnqo5aGlejIgXALQlJww7Jf7KpVXcQlzftaUkmsRxFFgjVkJeKX1yI12yM9ytxOy8OXdjR_EVgMf3CmJx3uNKNmgQDX4QWCgLW3T-zYNe4O0mKq-LCZJKisWqJYZXj9nypYYWl0q2-RMmWK2Og3S1uzMAvv0BY14KVjbJVOj9c-45ZB4E1ZoVaW2D87t8uTo-KGuwUdWmCYRfFuVh2PW223Nv376A780u1Gm7Dnr-drJwAXb4QDx-uP4ZDr5WZw5XNHXQMAOeQOIxKTtLFuUHbEEbdaqYMreNbIiETDzguBZgIPD3aLeDUzGeohtzbQ&sai=AMfl-YTv6IF0VNXUsf1sDrV1RWDt9bnWZZM1oKsH6GVq_bciA8jEUlH9IDsVobpI45AjJEUfjuhLOiL456x1X4ke5pZowAn0QD-IH7MoXLAQKex2_BZDjBYIsbVfq2uAiUCSgKVIrYn1786aSQvZfZQ1m3EsCTD6ZafLewwTrNEb_nerI6zNc_0Rvrwd31qWRuEs8sEAii9_kJjdOVCT_USKpPWe_zA3bjuOH9Pizh3rcQF6oHFanrSSM_eKOp-WfcEX69yThqQkA4X8iL0BQ2K2jVhsdworQlsP99-HwA&sig=Cg0ArKJSzGvXaXHL_9eVEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=273&cbvp=1&cstd=271&cisv=r20231206.71657&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 10 Dec 2023 20:16:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame ADB2 39 KB
15 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Dec 2024 09:21:44 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame BCA5 39 KB
15 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Dec 2024 09:21:44 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame E640 236 KB
63 KB 251ms
92ms Script
text/javascript 2a02:26f0:c900:8::5f65:4adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:c900:8::5f65:4adf Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:49 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Sun, 10 Dec 2023 20:31:49 GMT

GET
H3 200 728x90.js Show response
s0.2mdn.net/sadbundle/2685014804156549817/ Frame E640 73 KB
10 KB 75ms
74ms Script
application/x-javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

375bf4555ec7b573b0e8f79f7005d93bf6eef5c06e5ecd3e2300fc7edf62be58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121170
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9975
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 10:37:19 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame A5B4 236 KB
63 KB 343ms
185ms Script
text/javascript 2a02:26f0:c900:8::5f65:4adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:c900:8::5f65:4adf Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:49 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Sun, 10 Dec 2023 20:31:49 GMT

GET
H3 200 160x600.js Show response
s0.2mdn.net/sadbundle/15312430290876930110/ Frame A5B4 75 KB
10 KB 89ms
89ms Script
application/x-javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/160x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6b2beebe66e30194a1e4623bd545df675a6fa8356f1e24efbbb0fb1ca7fb0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168626
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10141
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 21:26:23 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame B833 236 KB
63 KB 217ms
72ms Script
text/javascript 2a02:26f0:c900:8::5f65:4adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:c900:8::5f65:4adf Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:49 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Sun, 10 Dec 2023 20:31:49 GMT

GET
H3 200 160x600.js Show response
s0.2mdn.net/sadbundle/15312430290876930110/ Frame B833 75 KB
10 KB 100ms
100ms Script
application/x-javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/160x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6b2beebe66e30194a1e4623bd545df675a6fa8356f1e24efbbb0fb1ca7fb0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168626
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10141
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 21:26:23 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D264 0
20 B 108ms
108ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BGCBxsBx2ZayRDoKGlQe7jbWwCwAAAAA4AeAEAg&bg=!rq2lreLNAAY3kmNgF5I7ADQBe5WfOEVqCRnX3sLJoPPZ8dAszJxywNj16TWuwMT3SHPyWBjYgqYS0flU-s2K_QYEuW2LAgAAAPBSAAAAA2gBB5kDYwaLnUVXcLWVg7Q5u_1Y_iIcvZPnZSK3-CKu8OHspFE_K_cnzvY4yDVH__ca9iygSa-x1DAoRQQ33K5Aju4ONICxD68Oe2t1Bq8pUPQ1AZL53I3cTj9l0OHcskDPnnGHTPQuBC-O0YY5XqA-4evGnLQ5slDl54EfrCP6jnXTInGETzt9wK9D2-jz1C57wnLedwyUycVe5_CKNTzNjKOEZfngoaDv19YkiV3xRMgB6kfZXTBYE1rDwpv1I3QnIP30Bekwea82846Nc7I2LK7yg2M2qGwXc3qFNzWmW2bRsG1uqttOuxXmZWq2LpY52LofQt55fDEioLa_zgLVL9obOygGdktioqR3LDBFP1EePIoOLUbagzJbkr24G1BJxUmI7c0HiQx6I6liBSvu8pTzh8lgUrGNSikAfYPo8ls_bnEkTMkXEX1knHxph0zNr3ySX3hcTcasMLoSUFjheOxX1P4lt-7d6U-cPWSUay9Z41i-5NWbOYRr8UbEtGSmsbFG-kxnqczImTXTLR5JunxtT3huFUZel9fJRk5q_pTh4RP2N8HjrpkPb-o0br-nr2dXBS3CkzxxwHXW3gOlxbtPKY0_ChtvqQol_yEQKzoHZCGB9IuDeXYY_zt80yY8ET4u6_L70z8Cej01OuBOvKiGy8MCBHwqeL6ioJEpx5gN-HsrEqUj5p9VDj7GKg8RroxWqRlI22990FEUiAtj6Fmnnzp-aQkunLLF5i8T2cA9_1tLKtstWBKT83y0jxAdpThbNM2EsLz0rxxDPxD4pREqDeXmYTA17w3l3kYL3U9erRAOEhfZr2u11XR5v9PYIx7TtfcrmeL-rWabxrRTMSRkccX1c8r4kOyFzz6qX3B_DdpkZ-3Z8rBzarwdDJa-_WaYoNEmciyVToFKlO6Vmz_TuoY4Zzthui9Qf4UbdeuYKuqP5Ofv_rx4E5_EEFjdQb01HAQR8F_Lkk7Rt8b1am575h0PxLM-fypt1PGrGhFwHH3B6q9XKqWYZq0kEK1egdxYzYaBk1sqf1Hb_C13NUqxcycDczHP2hWSaeBo_LtCAxBvSPamKh5HJ9GO8FG14ZUZN0HuG1XXozPdg0b_YLjoQILjDhr5Yo7vUzT4F0XBKEAGjOsLfB0dqsiCKhUQhTB7H3rWoQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ADB2 0
20 B 109ms
109ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BEKWcsBx2ZZHPEdiO1PIPzICSoAkAAAAAOAHgBAI&bg=!_f6l_rHNAAY3kmNgF5I7ADQBe5WfOJoJAqc4Dv5xR3khSX_fj-JfQqIHtAf4GtUl9RMuEs1AeYc3qzYUlC81MJMo6OgdAgAAAOhSAAAAA2gBB5kDRerLRQpl9g9COUuSjUSFce-ZBpI3nUYqZI2R2lBdBIhR62FJeQKnJgIv1TBCkyWROGt1jh-xK1XexnEtweXwIDHuk9oaBQRTTxE_h79PLpiQleuY9H2BWeADY5GAJGx1Xd4kFMmI9cI_PUSndhlfJjcu4P_KE7kXyvcwXIlqgC7VyA_AYYFxGrEAOY_9gM_lYEjhQjZcwQHdvwvkz2krPVpnGifnJq8nV946H43cGgoL_LlE0pWOxhb3qbl_h7bQAPWbp3G5G0N2q_WAw1U8JVrYa0YTKyaNQmc6il4z4-yXCr2NsBsvHDE3b-A-wtn2LE8OuE-gH3tuMOxmk7zxx9KCWQ5c_b6eyc6GLXnl8OMMUqkTbUU61Zaa_76dLoD1vcoprd_5LTzFAZfadssdxKty7GbXUkDPYaAwu1XiN9QiO7E79x-VsrPJbCzVN1EEsd8xsgwmUu4nfv4hxbCCkZVON6hjxykemngvaukoyHJ8zV10O5tOnNl6Kvs_VAhKbW9SqNBw_zmpAspNSxUvPdGGQC-5StO4Vpi1qS18SmUttrIw4KCMgXa0dV6APZhRmNsjaFzxJ0Ta8fE2hxfbECn5EEgHwApSzw77C6RJF8ZsxLL9rufNDmnhKHYP2BZ_4pIOB2o4FGPmEC2TOz2tKoUj9fZFTichO8gHb9z1p45mIwvqDYy24Ri-yB6WYpOWukVhiBaSTMECFkFKji6M5qfXivp3W5ax4I2zGeErdau6SG1vYdV0WFuMeLYtKGfV5GB1TEJ5ZIDoOeUlXGLBt8oNNsWniah9oi9vt6Syx5-vsgq4iGq2wRkqxGyQDLPBQP2KIoFQH6w8iUrduzaFgLfFjkM324oQd6AN7I1QRJbBq6PKzZPj-NvpCafd41L66Hmjo8qaKRmKC_YvennaJHxkH8HirY0w5ai1dkGkGgtfJRLv7X2ubYiJ3LDRbuCk7aB-e3ZCNzWI_BvF_bP5oz_ZBude7x1JrJp26wzyM28JgsV-dctpphbEwF8xdFMQYkKg0uOgruyLjMmkZRUjQ7VBn7pWW4tx9STTqImOm9QNOsaARr6ug0lSZUzJhytEqQ0wdSHK3pzERQrla9DZEtU2v5XLJg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BCA5 0
20 B 107ms
106ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bif0YsBx2ZaScFpP6x_APofG-EAAAAAA4AeAEAg&bg=!Q0ClQA_NAAY3kmNgF5I7ADQBe5WfOIf9GrPUCLTTW3wUAkCcPZ0B_UZFqFVydamulurQ85G1OvNePaIa4QknDW5BxSt7AgAAAQ5SAAAABGgBB5kDTcJnkcMAF5m9zdx2sy-rSE20ON_b3SfCWULtp1v8R4LNQulwF_DCgH-afns8A_42edb-VGXeMWYJZUvu2TMDW7kw8L-zPYAvxF-peP4BH17V-m9Kn452Qt4vTGKhN3SX58Z0RYT_vfNqg3J9_rZ3d5YSKLPJDvexfaPs482OBtfc6qx6c3yXPJsm8YvuuFdj1nadv5dtFROtnTM0PEwZI4l6xTarCnQ1jz4U4GPuC3wMdc7Xs7OuldZ9SoSeDHuglLoKDiW_jNdRtxUhOyTm2d1Y8F0zPNuWtkH6xEdMrHohyTiUfb_V16qjHfWqp43DiNPjT_HrjqU7VkgM3W1xohaSM4VBQXo37fIbwLjCLF55gdBNeh7El4h6PtTE4Gv2xvFBky-u3WxnNjx3v6MCyHcxpmr9vEKau4H6TyV8IwLhmGUtQ5AEvsMej9CFF4UEcYVyKxXGWTrVTdvMQgVkHMZYOrxwj_12Lsjqub0pyVZwa2sadd3EuVtFciO5c_7-6uu3Zx99DiLB0BpVLJA9RuKE7GeA0YvZGCKAhoq2sKbjEh8jlglLLYwzIzWmutbpVuwNxL2M1esgZ4AqVwGuk1wUK_UE60l2KPoT7MUyb0ZLLuUPIEjUPpd8fsEarGQVKz3NpdcoW_x-VT7wFT3vfuZS_3lhWhpJPCGvLp0_76jb58TVGVEohidvtJOlLJnOhkBJEwlNBXBocQhEhqzpfR-7y7tVzLelq71MWqd5pAaVemB5fVvPvl52vhpukzUG_od68ljPyX1nHy_5t0jLmKLOsuHa9MXSJgvFs5vzmPay1PznKLIi-ALJu76BjKCkuEvZrZLQ1P0bi7dAKbLB6t180fQLdtfzDk9bZy1ST-WQ9Wb2ws4d8m3IDjmKGASZf_GXthO5Z_M8Iq2EVEiIrUG1IOURJaLMmuRMWA4l_HgFIHTG05Us2WFmv0jQn46H2GIsdFkDR8lS3zWMFjEBe7UE37xqlJi1fDT7A5V3e6230NZv1KDwg6GS9nYKaHWu2Ue2FipU0LiTZ7nveS_id8GI2ab9jJlwTew5AE_3hEBMe07HkHf_mbbXe482UD0KM5cxs406uS9ui8ff3svYnDfMgFROJ-ZjTMQZuTTY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 background.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 25 KB
25 KB 73ms
72ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/background.jpg?1700216400989

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7e4c1d15cae6cd00fdd42938303778d99c537958527d23d7a0c23f9547ae28f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:39:11 GMT
x-content-type-options: nosniff
age: 164258
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25570
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 22:39:11 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6583 0
0 108ms
107ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstASZInKMTf7m8pd0dbdxxeat8gcON-V6LSoePfHp5ULDX6-YvB4L6jeFVtVqwWTEsfZ3aSu7Rt6Kc57gNtHwdE_xxm95c2_T-6imRiKwY3t31sfgx_PKvdM6aoHM5eGWI6biSQnKJZKgLl-w83IRVy5ovEejVmiCoQEwM0mFkO2st3Postom4q_K81JMbwQGXBt7_40RJpHL8x05aRakW5jLo6J4dlDHoXeo9o0WWEHZfkHYSBiQepkr8a9e60P9RQ0RmPi0xCBj74SZfpo1-duxIipmp4Pu-HEdgl1lC_ntXEtGu20ocP7pg8FqXHwjevToHZ6omUN3aMvF5N4Gbe8_7n8wKPdqxZUSnwbC8BoSktS1vkE_Kz7ABi57wbX4SQDjEgqh7ss9zaRogSPM6bjph2BWEe2ziir1SAqGKJoGPhCm-HL2Qxm7aqDUhilBQsupMMbHRhFRuCrldGzVBC1qiHDahXD2EsBAaqU_4bj02KXxHw2nbCueJv03cd0M5hmavjWPpJyHMYe9GoIPxWgMPeW17_azACByAIifxySehukgcba6dMspn-I2kDVMwVejHDpctiU5dEQgDr3BxZZUt4hzHQT1xIVuX3Wzd-GerKUwoDsuiysI-AVaJ0KSVM-TgRWo1gR7ABR_eyRSNbpmW7tBAv68C8LSYRIMoQJq6gTkgO3FX_U_PN9BF77wnYxPvBPauMBvNraO3GDnma4SluWy7Lm9D8Lssy-loiLp7-IDGbqqCUdZQ_jfaqpOmcW5myhWAoZmewIJPXGtdSiZWjPcpDWQiE7Nt4P4SNOntoYMg80RF769TcbrPT8vRKZdiBUNX2XV_DKnqhEZFPdnUpu0Y70Z9jMdSJvJC4l-lE2deiG9T6qmZTZYdMdE1eRU51SqytYK4VrjFJIbi3QZ0FGuiCrgKEw1fiZktdc49zvo7Tm83XFDYs-8k_6gOv7VTya2ox9_F-yGeO_DF78cidJRUS7b2ZSWeV3EKYdNHzoK8kcRISFrxnumAmI0nY9vrMVAinnqo5aGlejIgXALQlJww7Jf7KpVXcQlzftaUkmsRxFFgjVkJeKX1yI12yM9ytxOy8OXdjR_EVgMf3CmJx3uNKNmgQDX4QWCgLW3T-zYNe4O0mKq-LCZJKisWqJYZXj9nypYYWl0q2-RMmWK2Og3S1uzMAvv0BY14KVjbJVOj9c-45ZB4E1ZoVaW2D87t8uTo-KGuwUdWmCYRfFuVh2PW223Nv376A780u1Gm7Dnr-drJwAXb4QDx-uP4ZDr5WZw5XNHXQMAOeQOIxKTtLFuUHbEEbdaqYMreNbIiETDzguBZgIPD3aLeDUzGeohtzbQ&sai=AMfl-YTv6IF0VNXUsf1sDrV1RWDt9bnWZZM1oKsH6GVq_bciA8jEUlH9IDsVobpI45AjJEUfjuhLOiL456x1X4ke5pZowAn0QD-IH7MoXLAQKex2_BZDjBYIsbVfq2uAiUCSgKVIrYn1786aSQvZfZQ1m3EsCTD6ZafLewwTrNEb_nerI6zNc_0Rvrwd31qWRuEs8sEAii9_kJjdOVCT_USKpPWe_zA3bjuOH9Pizh3rcQF6oHFanrSSM_eKOp-WfcEX69yThqQkA4X8iL0BQ2K2jVhsdworQlsP99-HwA&sig=Cg0ArKJSzGvXaXHL_9eVEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=802&vt=11&dtpt=529&dett=3&cstd=271&cisv=r20231206.71657&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6583 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7392dcdfdd89a83d8bba4e754b7108fccb05ba4dfaea1d347fcb9e54c6efc5b

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 background.jpg
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 9 KB
9 KB 73ms
73ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/background.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81d4bf80a43b24660f1eb1e0884bfa90790e644f781a30c596d1b05f6c77af3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:18:48 GMT
x-content-type-options: nosniff
age: 169081
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9669
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 21:18:48 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 84E6 0
0 108ms
108ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstszUyDXBKK4Vev6DBMJpDfJG9ToYKBfebiLbxCZpp5SFFUt5zbGFremVxR7mG0k3ZMZvZKb3UuyMAvD_WSHbnlE2tC0ClRfCjvXHKgpo7VcAdz_HTZfzGEP0tSKgw0YusAyzhOQoHSwtIPltcwx5Xv1OyAWoSoJDZAwpmBKwthQO_H3tBSAn8qHTkU55zo5qSUskvJnTiZzDJm0VpqUZoEomZTL0RAepn0smNPoZErsiNSHaFQOvJfKKRWUyiYOuNyrN4TDMRg62x1eXVt7UzH2LeGn_2pl0jG5fHi2PrRGzYQqrPzTOUGQipNKQTpVOZLnX9gQ4PCoZ-CHKJdd2zOQBG7xNxhhXlv0W9YIurfrWgHnHUqNVYfT4StZ9B_YoBaaGhc2kC_a0rn-si2_qT28h1we5qotgBf9W0mvQ1PUKejvJWFcozpvheREfYRWEzjOcbqQ4JtJgPe3npGw6XRWJ3MKsZzD9pi5Vsl1awH-Tad0lQK_ef7_jK8GdBdPSVkyiLGs0XzlngTKtzoMhMAXLAF9a1oRdRSZtt3StT8Ma1ARo3WQ8IyGlp38rdV1DZtxfh8CQvb65lk1sJ5WVBlkHkxf8kw-yJzOKjB9D9v9Bofmp-gebCOdif-_nrAmKm7ykKNo2tld996AnzZhEzp6OaTgqvwfqJSFhdLd-3dXYbzhD2CduA7TO5RcyBmcuCPyf-XHLMnQGapYNLuPm61dBj-p-kaGiCIKZP6L-ixIiu-dVS9RoLnlY45U2Clh5gzbSyWB25Yq5iEBLsRTXQfbE1Jq3TFJWZ0QGgVQgDPdBXjmDszgdsrpsufFhlEP2ysNJkwAnONvVdXUgK7kJ4ptHLZIbbCHi1E91NYl225MzKWT54dm_N5_oFYZ_vmE1p3xOl2ah0HxrPJYx_lnDd0D4CKozxIrYTVSA8IpIk1KzRuALnQsEnnhVQIsQnaa7D9YnVOC86kTiYfJ4dOSRzZ2TEA4PocC9Nd5M08gLRt_ewRre2NP3iNaHlgoyvnyi2GYPtqNNkIMz1AwyhB164famQavdui7UsKhjfui9zezyv1_vtJmKpE-D_LJXjP4WzyCGlm151iOHAe-v99XvoyuoTz9_YqFctT8vpSf2c3xj_fYn0KA09-7HJTWbs7MhpS6wnbYPATHTxrpDFyn_oHirtXJUUmMPXjcRowGpqtSF99rWPnkddK_048Ap1jsINUh7XtIwjGzIGeseQuBIbt_BcHUT17WUrwynpNy2lGWesXuE42Ngd4lY1w-C8vjpSMZvJL1RckK1IS_GZKxplX_Y4PK9JlvtzMJBr29zo9peAGieQAMzELNaHXUziPMMAH93dg2rqq&sai=AMfl-YTvrhJmWvnWGpLc5cmOPbsPSD22xw-TOGN2g4e0qTv4qucojSpXod0e2Ekk9H2Yq88RdAbQ6Gz2kwBizYGSxsV_AxNIsLMkxJKGN3IEltHeqY1BS1IIvOupUMOFQpnZw351uQZ8xO0hlMl_PhvPzyoWKj8jS9cXBA95mLJUpJOHl8nbVaLosGxbv9vMjcqgf0wi3vJtd9xa3_R-ri4Jazwq1LycLtCY2WhNpscGt2orbJh3MAg1QEmeXL_BHKjgN2Ss8YhewAhVQ7R7qCzGB_XZDqX8hoym7nG4xQ&sig=Cg0ArKJSzMdTR4t3Ug7rEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=933&vt=11&dtpt=609&dett=3&cstd=323&cisv=r20231206.29076&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 background.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 25 KB
25 KB 83ms
82ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/background.jpg?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7e4c1d15cae6cd00fdd42938303778d99c537958527d23d7a0c23f9547ae28f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:39:11 GMT
x-content-type-options: nosniff
age: 164258
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25570
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 22:39:11 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 30E9 0
0 108ms
107ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssaLnFgpK3JLNE5qkBMFSuim66mzaWqOevAhEl9dfG8f0nxloFCtmwOIVrvcIx5pV6gA_0j8jB2djntXpf-MJ338bxVn_cZ3WIVX98mL8glaOTFF3NmV28jmWPLW3vFGI9ObVa0hlu-jfFFQIp6J9FJ4wDIyNK4ufJkXoG7yp7eooZ52TBgIeEO2vOapjjdvj7eIGcSyx9qtKcuWU0ny806Mg2b2lCARZIIpDefx6YmYXMKVcdl4LrL6pjDzMIoK9mEmcNzWarYolEXJBr98hCiJfHzB0WQWt9npnrT9hKOHa2_lQXUbQ8zRFBdU1vwgRksNUk66jVHSzqDykmtoprKGepe2p2qeZ1ifw5Dal3I3mHinUtcv1X9LgAzWXsnGr_rJNHYMXQSMkEbJ5QBzZZToP-yeR9VKxtMonuRb0QdSBIlCTY3y_tRzQHGW3J9Mzlx9Z0_4F1_YcDkmyqOMTSw-idBIrS94brg573IDUj6wq01M0GLmGayumvrbLi3UAMAAUl13vCXSOyAh3RrmtsnNSRgBAWEzEkmhrbLKHxC46ihhtGg39kIFWVQj2tVMDFyTf-0UdI9bInS3XMq5gYIQmm1kHFx4d0qIWad5CS1ak70Kfp71e9H6FL2sb9LN2q8q1KoDWSy-jGMKuXaMcjHPbe3ElrJmvx16VHk0SZT2a1KDdDRdCSB9xCni-eve0wo8hqjXHkHtWk06DTDSEdoVDg6ds1JpQehhg1dC-oU9aZaiiir5leMImXXPf4fzlQDciM6DDUJoLPH-C63oe3xUxlbazeYE8WduhGxrlblgppTqWiBLUXaw7mAjn4qeD0kMe88cs0g9wPr-zoubkDANU1Njn4H2gv9kxMIft6i-_p4Eb6kVctLaAiaoueDOMBzFLOiRqmHlcImBgLIY-6SvMTErOafXccgAxnq-i3RIBjqlAFmWsGBRakTkYspu9MXmAe9n3ih_eM_OnpIxMBFvKh3_KlsZLUzGERYpt3LQHBlh5pdyUEPQgDjKak4p0AidzTXh4lLmqnBTTkcsesVTOM4tveiyXiXBo0xYR4-EynS0K_ShwhY-KgtaxdPtO79a5xPe8GHu4AfPDMGzhyWnTzXNbwpglpC4Rs_sJJ0RPVogdCzQcW_e5dgvRaCuJQv4uP_VAQPoU6kHBgO00SR12BxV5-EN8EFiPFcOEikJyzpdn0z82Ifg7hxbueAxLRTwvbuRk2tk3qAVpcC0RwHAaKLGvARncqprHjPJ5gVrLLB7fV4ZQXnmgaYpvqam7E59NjQ6zWEXOaxn18i3Vrv9goccS-BXyWpOv8alol1wyJHN_7avEHMBrfbklHNO8vPpRJvSQ&sai=AMfl-YQJO4OXDnO7VMudpROuKGRN-FsIRkG7dq4UAOkmx0X_vn-E_few8y4gO9375CInbDm4hp3XD1M9VLqqZNLihQHrg93MLnCqlNmQz7oBT0Mk5bzk1PN08NpYrvwnT6Yr-Cg1J-pXPysdO09gBXu_6rlhnX2KWhkP8nxNHD4GbT1RIwy-xN-JvlJmm0LHPCEbu8aL50aggITvTYLVcaHhWZxPO8hWIe2QwfzyUn8CQJo7vbdvcB0uOFtVP_S1lgDKwnCcAqb_JXZDA6yKgZM_FxRTC2qWVSOZ80YnCg&sig=Cg0ArKJSzAzcLPb4IwfCEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1051&vt=11&dtpt=618&dett=3&cstd=430&cisv=r20231206.23726&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:16:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 30E9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6ac8b24ca31665d032bf7d76681db833757aa35654ead386de8125e040bb537

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 circle_black.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 373 B
400 B 80ms
80ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/circle_black.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c93a027b08e9a14b6dd0aab92b1f1ce8e397e2ef1fe272c73842749252a508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 09:24:31 GMT
x-content-type-options: nosniff
age: 125538
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 373
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 09:24:31 GMT

GET
H3 200 cloud_small.jpg
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 5 KB
5 KB 74ms
73ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/cloud_small.jpg

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48785a4d40b13f059fd7e607381728675d534d26c8bd4bbab39917fdcfcfd4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:28:40 GMT
x-content-type-options: nosniff
age: 193689
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4618
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 14:28:40 GMT

GET
H3 200 circle_black.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 373 B
400 B 72ms
72ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/circle_black.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c93a027b08e9a14b6dd0aab92b1f1ce8e397e2ef1fe272c73842749252a508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 09:24:31 GMT
x-content-type-options: nosniff
age: 125538
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 373
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 09:24:31 GMT

GET
H3 200 cloud_small.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 5 KB
5 KB 73ms
73ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/cloud_small.jpg?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48785a4d40b13f059fd7e607381728675d534d26c8bd4bbab39917fdcfcfd4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:43:14 GMT
x-content-type-options: nosniff
age: 84815
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4618
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:43:14 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 84E6 42 B
174 B 108ms
107ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFNZc1kyAjeQYPLVCxdk5TqRbfFLTfeiLusqCeknQC4sPDWG74tJugF79Re8HCnsSEbKyrENnz4yDPrgDtbCEr4wNUpNsPgRr1QyzBkTiYChCG6xOZvR0kOk27XRPhK5z1kSIOCzopW-ZM&sai=AMfl-YQPkVkqBo2eTDkbtg14UfobiwD-VAUwp4_Agy4sr8VxVNXG31EFKnHpjflnQ98dwnPD6F3Fx1RXQOchRwu6RZ8y0n-VCtb4yf2TxxcSfAKjPkzJbNKZ5VSHg8hk7h2GA1syz4YJlx7rbuyPFXbeij67iTSEZFGgKMI&sig=Cg0ArKJSzB5dy9TkWSmQEAE&cid=CAQSTgDICaaN5cipSat1XOzUpL0NtG-HegCQpvatLvcDFAfKnuM-YmVZtrZrMw8Ma1ChD1qL1_AKpDkJwluSTdZthES0eIcMXJ2QQqW4gJDVhBgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=914,1000,1000,1000,1000&tos=914,86,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702239407934&rpt=676&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cloud_small.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 5 KB
5 KB 72ms
72ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/cloud_small.jpg?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48785a4d40b13f059fd7e607381728675d534d26c8bd4bbab39917fdcfcfd4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:43:14 GMT
x-content-type-options: nosniff
age: 84815
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4618
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:43:14 GMT

GET
H3 200 clouds.jpg
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 8 KB
8 KB 78ms
78ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/clouds.jpg

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

043dd72980c84b4a315680bb6d62b2fdb19acc739d3bfe8596c99bbba6255c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:47:05 GMT
x-content-type-options: nosniff
age: 84584
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8612
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:47:05 GMT

GET
H3 200 clouds.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 8 KB
8 KB 74ms
74ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/clouds.jpg?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

043dd72980c84b4a315680bb6d62b2fdb19acc739d3bfe8596c99bbba6255c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:55:29 GMT
x-content-type-options: nosniff
age: 163280
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8612
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 22:55:29 GMT

GET
H3 200 clouds.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 8 KB
8 KB 72ms
72ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/clouds.jpg?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

043dd72980c84b4a315680bb6d62b2fdb19acc739d3bfe8596c99bbba6255c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:55:29 GMT
x-content-type-options: nosniff
age: 163280
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8612
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 22:55:29 GMT

GET
H3 200 CTA_2lignes.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 3 KB
3 KB 74ms
74ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/CTA_2lignes.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16d7264d40c92dad23bd3625cf3ea1bdf458ec5aca20c86e2a4e2942073a48c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:43:14 GMT
x-content-type-options: nosniff
age: 84815
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2908
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:43:14 GMT

GET
H3 200 CTA_2lignes.png
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 3 KB
3 KB 73ms
73ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/CTA_2lignes.png

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16d7264d40c92dad23bd3625cf3ea1bdf458ec5aca20c86e2a4e2942073a48c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 06:10:51 GMT
x-content-type-options: nosniff
age: 137158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2908
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 06:10:51 GMT

GET
H3 200 CTA_2lignes.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 3 KB
3 KB 72ms
72ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/CTA_2lignes.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16d7264d40c92dad23bd3625cf3ea1bdf458ec5aca20c86e2a4e2942073a48c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:43:14 GMT
x-content-type-options: nosniff
age: 84815
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2908
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:43:14 GMT

GET
H3 200 CTA_bg.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 2 KB
2 KB 73ms
73ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/CTA_bg.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a09d95b1b8242c2cca4d97b1a50690a2bafb042966a7fddb91b0cb8917f3299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 02:20:25 GMT
x-content-type-options: nosniff
age: 150984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1869
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 02:20:25 GMT

GET
H3 200 CTA_bg.png
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 2 KB
2 KB 74ms
73ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/CTA_bg.png

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a09d95b1b8242c2cca4d97b1a50690a2bafb042966a7fddb91b0cb8917f3299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:35 GMT
x-content-type-options: nosniff
age: 84854
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1869
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:42:35 GMT

GET
H3 200 CTA_bg.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 2 KB
2 KB 72ms
72ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/CTA_bg.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a09d95b1b8242c2cca4d97b1a50690a2bafb042966a7fddb91b0cb8917f3299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 02:20:25 GMT
x-content-type-options: nosniff
age: 150984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1869
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 02:20:25 GMT

GET
H3 200 footer.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 966 B
996 B 73ms
72ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/footer.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e6afb8779ad0f8807117dcf9e35a6e107dc9ebea37a2caa5bfa45ecae3491cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:56:40 GMT
x-content-type-options: nosniff
age: 166809
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 966
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 21:56:40 GMT

GET
H3 200 footer.png
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 816 B
849 B 73ms
73ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/footer.png

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b5d7d2728e8f590947a918321b0da9e2a6525ddc741dab8ef622b998cd8eb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 18:05:31 GMT
x-content-type-options: nosniff
age: 94278
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 816
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 18:05:31 GMT

GET
H3 200 footer.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 966 B
996 B 73ms
72ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/footer.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e6afb8779ad0f8807117dcf9e35a6e107dc9ebea37a2caa5bfa45ecae3491cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:56:40 GMT
x-content-type-options: nosniff
age: 166809
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 966
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 21:56:40 GMT

GET
H3 200 hero_aile_droite.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 11 KB
11 KB 73ms
72ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_aile_droite.jpg?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43d3f6fa74e8bc27524ad482620e80bf4b3c94ea1cf239837ae74b8093866a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:43:14 GMT
x-content-type-options: nosniff
age: 84815
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:43:14 GMT

GET
H3 200 hero_aile_droite.jpg
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 6 KB
6 KB 75ms
75ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/hero_aile_droite.jpg

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb9f8f519a5aadd1ebb7a08008349b92dc675c3069123ac195965cf558b43f82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:41:14 GMT
x-content-type-options: nosniff
age: 131735
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6237
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 07:41:14 GMT

GET
H3 200 hero_aile_droite.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 11 KB
11 KB 73ms
72ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_aile_droite.jpg?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43d3f6fa74e8bc27524ad482620e80bf4b3c94ea1cf239837ae74b8093866a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:43:14 GMT
x-content-type-options: nosniff
age: 84816
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:43:14 GMT

GET
H3 200 hero_aile_droite_mask.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 4 KB
4 KB 75ms
75ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_aile_droite_mask.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aa038ccaccdac46ddec123ccab8c84adf244b0590b5bad805fa3042555b77b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:51:11 GMT
x-content-type-options: nosniff
age: 84339
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3847
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:51:11 GMT

GET
H3 200 hero_aile_droite_mask.png
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 5 KB
5 KB 74ms
74ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/hero_aile_droite_mask.png

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c923dd603f1f856930fef96bee2cb3e221e9197fa78d966b5f69d7977e0005e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:48:57 GMT
x-content-type-options: nosniff
age: 84473
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5236
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:48:57 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 55ms
54ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-561MLEJ5LJ&gtm=45je3bt0v881561445&_p=1702239404606&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1328873783.1702239405&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702239405&sct=1&seg=0&dl=https%3A%2F%2Fgekka-no-kasumi.com%2F&dt=%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E&en=scroll&epn.percent_scrolled=90&_et=6&tfd=9492
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-561MLEJ5LJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gekka-no-kasumi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hero_aile_droite_mask.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 4 KB
4 KB 72ms
72ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_aile_droite_mask.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aa038ccaccdac46ddec123ccab8c84adf244b0590b5bad805fa3042555b77b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:51:11 GMT
x-content-type-options: nosniff
age: 84339
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3847
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:51:11 GMT

GET
H3 200 hero_aile_gauche.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 14 KB
14 KB 73ms
72ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_aile_gauche.jpg?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a22e3c7d89e61398dc64b45ca7608cacf7405f6f552642769c4214f75038d3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:51:11 GMT
x-content-type-options: nosniff
age: 84339
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13900
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:51:11 GMT

GET
H3 200 hero_aile_gauche.jpg
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 7 KB
7 KB 76ms
76ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/hero_aile_gauche.jpg

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9bcefdbe9f8eba53ed1a831dd4248a8bf2f4dd1c87796e8349939f374e54649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:10:23 GMT
x-content-type-options: nosniff
age: 165987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7346
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 22:10:23 GMT

GET
H3 200 hero_aile_gauche.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 14 KB
14 KB 73ms
73ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_aile_gauche.jpg?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a22e3c7d89e61398dc64b45ca7608cacf7405f6f552642769c4214f75038d3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:51:11 GMT
x-content-type-options: nosniff
age: 84339
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13900
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:51:11 GMT

GET
H3 200 hero_aile_gauche_mask.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 3 KB
3 KB 74ms
74ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_aile_gauche_mask.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5f52b2bc981cba3f144507b8256b6b64fa6eb5b7a1ac6cc83aec6d408ba7ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:57:40 GMT
x-content-type-options: nosniff
age: 191950
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3186
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 14:57:40 GMT

GET
H3 200 hero_aile_gauche_mask.png
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 4 KB
4 KB 74ms
74ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/hero_aile_gauche_mask.png

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da377ffa6f82aa6f6a7c8955c9264c98fc8561e9cd1511d51500cb07c407b405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 23:01:54 GMT
x-content-type-options: nosniff
age: 162896
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3964
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 23:01:54 GMT

GET
H3 200 hero_aile_gauche_mask.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 3 KB
3 KB 74ms
73ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_aile_gauche_mask.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5f52b2bc981cba3f144507b8256b6b64fa6eb5b7a1ac6cc83aec6d408ba7ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:57:40 GMT
x-content-type-options: nosniff
age: 191950
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3186
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 14:57:40 GMT

GET
H3 200 hero_arc.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 5 KB
5 KB 75ms
73ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_arc.jpg?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3739e2f17787f5fcd80ff4714b96dc56841ee427bb6827fb70d788b1a77af1fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:47:27 GMT
x-content-type-options: nosniff
age: 84563
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4867
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:47:27 GMT

GET
H3 200 hero_arc.jpg
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 3 KB
3 KB 74ms
73ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/hero_arc.jpg

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca97d0fea3d504255677af9171d164f2deae9ce7938797a283d9ef16be7b39b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:12:49 GMT
x-content-type-options: nosniff
age: 158641
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3002
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 00:12:49 GMT

GET
H3 200 hero_arc.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 5 KB
5 KB 74ms
73ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_arc.jpg?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3739e2f17787f5fcd80ff4714b96dc56841ee427bb6827fb70d788b1a77af1fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:47:27 GMT
x-content-type-options: nosniff
age: 84563
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4867
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:47:27 GMT

GET
H3 200 hero_arc_mask.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 2 KB
2 KB 74ms
72ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_arc_mask.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c1fcbb01950ab0236ded2c62af221a31e38daa8ba8bd73fecac91402da8705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:43:15 GMT
x-content-type-options: nosniff
age: 84815
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2356
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:43:15 GMT

GET
H3 200 hero_arc_mask.png
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 1 KB
1 KB 75ms
74ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/hero_arc_mask.png

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67207cef0f7e5f997e6c53a1eb2e2ff9623a3806973b4d455552eb8984508a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:31:48 GMT
x-content-type-options: nosniff
age: 121502
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1393
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 10:31:48 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6583 0
20 B 104ms
103ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5490147896130&version=m202309260101&ct=119&x=1&cor=11106681020831543000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6583 42 B
64 B 109ms
109ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssR3usNXbgpqbDj9cInbbpc1lN26rNfZqUL40TZh0bKnwR-LonBvKwe7631VZ2Bh1ytLPFrkLD5C6d_9yVo9TuVghQ-5IjxGj1JdUZ6M7InWuKIcdwEei8POKlUb87jHTGJlgf1bji33QSb&sai=AMfl-YQM-oCofs6Ijgv4USClr5aWauss68U_H2hxOkuOwYZ61q-NRiJxjno6sNeor-9MSEVSCo0wJj_yAb5clcXGrZQzpR5jvrHwQrl_1fBetHvFeKxZKhGr8TEw36R1MhR9BWcmwgQwWhVT_UnDtSwLUZGXNJs4EHXhMC0&sig=Cg0ArKJSzDQj6usCj7sbEAE&cid=CAQSTgDICaaN5cipSat1XOzUpL0NtG-HegCQpvatLvcDFAfKnuM-YmVZtrZrMw8Ma1ChD1qL1_AKpDkJwluSTdZthES0eIcMXJ2QQqW4gJDVhBgB&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702239407894&rpt=720&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hero_arc_mask.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 2 KB
2 KB 73ms
73ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_arc_mask.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c1fcbb01950ab0236ded2c62af221a31e38daa8ba8bd73fecac91402da8705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:43:15 GMT
x-content-type-options: nosniff
age: 84815
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2356
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:43:15 GMT

GET
H3 200 hero_perso.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 13 KB
13 KB 73ms
72ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_perso.jpg?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747c6addfd2413b959c79c25a91439206eb57ae02ea9bd5664405143ef223de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:43:03 GMT
x-content-type-options: nosniff
age: 156827
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13327
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 00:43:03 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 84E6 0
20 B 105ms
104ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1911510207036&version=m202309260101&ct=119&x=1&cor=7285942898818585000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30E9 0
20 B 104ms
104ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1631360011506&version=m202309260101&ct=119&x=1&cor=10455429166766570000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 30E9 42 B
64 B 111ms
111ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIpJMslQnI3iXFXVTLGgLEjY7aJ9SCp7O1GhjNCqdNGNIX5vo_TS6_46f0IY8l7sfh0m6PUBe3hxnG2ycX81NbDo3o5wtal8_veSChqIf1XmGLDj-KdU5Kk-rmTkbig1ilertkelyrYc-k&sai=AMfl-YT8Oc28Z9HJgcYLhNpMJvUdxpTbgLM9ADB57zoboWNajrkggB4JH7yHvcLPFXotMj7PyqGoJgYLfowB2TVtffy9X2kPDa_8nXye01z6h7eo7RNGlVXsxzOPerywzUEnNtKJb5mHhbtTI6C60kFS8m6nqQEQmUBR_Cc&sig=Cg0ArKJSzHaCs7sajJfMEAE&cid=CAQSTgDICaaN5cipSat1XOzUpL0NtG-HegCQpvatLvcDFAfKnuM-YmVZtrZrMw8Ma1ChD1qL1_AKpDkJwluSTdZthES0eIcMXJ2QQqW4gJDVhBgB&id=lidar2&mcvt=1024&p=0,0,600,160&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702239407863&rpt=746&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hero_perso.jpg
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 5 KB
5 KB 73ms
73ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/hero_perso.jpg

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

478df55aba2de863cf27ce374453298ae960a1562580b9bffc125cdb6fd0e346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 17:52:44 GMT
x-content-type-options: nosniff
age: 181446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5357
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 17:52:44 GMT

GET
H3 200 hero_perso.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 13 KB
13 KB 73ms
73ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_perso.jpg?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747c6addfd2413b959c79c25a91439206eb57ae02ea9bd5664405143ef223de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:43:03 GMT
x-content-type-options: nosniff
age: 156827
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13327
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 00:43:03 GMT

GET
H3 200 hero_perso_mask.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 3 KB
3 KB 75ms
74ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_perso_mask.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

657fbf62eea1048fca2d04b73ac0eeb62d3722fe232dd52f896c2c0e452584f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 10:36:48 GMT
x-content-type-options: nosniff
age: 294002
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2993
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 10:36:48 GMT

GET
H3 200 hero_perso_mask.png
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 2 KB
2 KB 74ms
73ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/hero_perso_mask.png

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d4665e82b9cbc20bce6de0bcb119f30f168c1f5d286969c9064ed271db92d8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:46:53 GMT
x-content-type-options: nosniff
age: 296997
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1743
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 09:46:53 GMT

GET
H3 200 hero_perso_mask.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 3 KB
3 KB 74ms
73ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_perso_mask.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

657fbf62eea1048fca2d04b73ac0eeb62d3722fe232dd52f896c2c0e452584f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 10:36:48 GMT
x-content-type-options: nosniff
age: 294002
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2993
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 10:36:48 GMT

GET
H3 200 hero_queue.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 3 KB
3 KB 74ms
74ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_queue.jpg?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1086df38a170754eeb6e103d7a6b7e985b7dac21ee58431381a31865493697bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:45:49 GMT
x-content-type-options: nosniff
age: 131461
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2898
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 07:45:49 GMT

GET
H3 200 hero_queue.jpg
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 2 KB
2 KB 74ms
73ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/hero_queue.jpg

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df923467de95c6d8557266b0445c599566806656007e801e95b2d7b00a0a56d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:36 GMT
x-content-type-options: nosniff
age: 84854
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2407
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:42:36 GMT

GET
H3 200 hero_queue.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 3 KB
3 KB 74ms
73ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_queue.jpg?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1086df38a170754eeb6e103d7a6b7e985b7dac21ee58431381a31865493697bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:45:49 GMT
x-content-type-options: nosniff
age: 131461
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2898
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 07:45:49 GMT

GET
H3 200 hero_queue_mask.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 992 B
1 KB 76ms
75ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_queue_mask.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d052eb319092f5a678b279318f8c23f1fb61e41f4cda5c68812a43fd278615c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 11:18:55 GMT
x-content-type-options: nosniff
age: 118675
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 992
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 11:18:55 GMT

GET
H3 200 hero_queue_mask.png
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 723 B
759 B 75ms
74ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/hero_queue_mask.png

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08fe1a5b549627b1d380caabd8ff66edb6e1ab5b447e95d5ee2ca511a04048bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:36 GMT
x-content-type-options: nosniff
age: 84854
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 723
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:42:36 GMT

GET
H3 200 hero_queue_mask.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 992 B
1 KB 74ms
73ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/hero_queue_mask.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d052eb319092f5a678b279318f8c23f1fb61e41f4cda5c68812a43fd278615c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 11:18:55 GMT
x-content-type-options: nosniff
age: 118675
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 992
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 11:18:55 GMT

GET
H3 200 light.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 240 B
275 B 75ms
74ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/light.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

324ecd7340ad5d2b3159f93348854cd9cfcd7edcf34f6508e3ca4ffd7a063d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:25:47 GMT
x-content-type-options: nosniff
age: 204663
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 240
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 11:25:47 GMT

GET
H3 200 light.png
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 230 B
265 B 74ms
73ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/light.png

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a22214499239ad40449a746be3908bdbb4d50373b95ee7a33c962e5c0b79195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 16:41:34 GMT
x-content-type-options: nosniff
age: 185716
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 230
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 16:41:34 GMT

GET
H3 200 light.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 240 B
275 B 75ms
73ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/light.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

324ecd7340ad5d2b3159f93348854cd9cfcd7edcf34f6508e3ca4ffd7a063d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:25:47 GMT
x-content-type-options: nosniff
age: 204663
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 240
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 11:25:47 GMT

GET
H3 200 logo_1.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 5 KB
5 KB 75ms
74ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/logo_1.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea6da7f66ffc4e7b4026c12ba6e669ff11620555c8dcfd2cb7ddcb3e8376b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:56:40 GMT
x-content-type-options: nosniff
age: 166810
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4702
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 21:56:40 GMT

GET
H3 200 logo_1.png
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 5 KB
5 KB 74ms
73ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/logo_1.png

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea6da7f66ffc4e7b4026c12ba6e669ff11620555c8dcfd2cb7ddcb3e8376b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 06:40:17 GMT
x-content-type-options: nosniff
age: 135393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4702
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 06:40:17 GMT

GET
H3 200 logo_1.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 5 KB
5 KB 74ms
73ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/logo_1.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea6da7f66ffc4e7b4026c12ba6e669ff11620555c8dcfd2cb7ddcb3e8376b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:56:40 GMT
x-content-type-options: nosniff
age: 166810
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4702
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 21:56:40 GMT

GET
H3 200 logo_2.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 5 KB
5 KB 74ms
73ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/logo_2.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a6a220226db4936bcab37bb045ce68aae5da7bfa1bb1e94251c57f8def5266e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:56:32 GMT
x-content-type-options: nosniff
age: 152418
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5316
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 01:56:32 GMT

GET
H3 200 logo_2.png
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 5 KB
5 KB 73ms
73ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/logo_2.png

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a6a220226db4936bcab37bb045ce68aae5da7bfa1bb1e94251c57f8def5266e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:36 GMT
x-content-type-options: nosniff
age: 84854
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5316
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:42:36 GMT

GET
H3 200 logo_2.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 5 KB
5 KB 73ms
72ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/logo_2.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a6a220226db4936bcab37bb045ce68aae5da7bfa1bb1e94251c57f8def5266e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:56:32 GMT
x-content-type-options: nosniff
age: 152419
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5316
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 01:56:32 GMT

GET
H3 200 pegi.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 758 B
793 B 75ms
74ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/pegi.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72c5a077497c33886c4f42b050cc9714d7c022168299342ae9a12237222ce213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 23:04:26 GMT
x-content-type-options: nosniff
age: 162745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 758
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 23:04:26 GMT

GET
H3 200 pegi.png
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 758 B
793 B 74ms
74ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/pegi.png

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72c5a077497c33886c4f42b050cc9714d7c022168299342ae9a12237222ce213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:46:53 GMT
x-content-type-options: nosniff
age: 296998
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 758
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 09:46:53 GMT

GET
H3 200 pegi.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 758 B
793 B 74ms
74ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/pegi.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72c5a077497c33886c4f42b050cc9714d7c022168299342ae9a12237222ce213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 23:04:26 GMT
x-content-type-options: nosniff
age: 162745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 758
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 23:04:26 GMT

GET
H3 200 playstation_charte.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 3 KB
3 KB 76ms
76ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/playstation_charte.png?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77a925183c2fa15958c5f2e56ab6a4d330e2b0296f9af4d8b95398677bf96379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:56 GMT
x-content-type-options: nosniff
age: 158095
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2665
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 00:21:56 GMT

GET
H3 200 playstation_charte.png
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 3 KB
3 KB 75ms
74ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/playstation_charte.png

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e0f8bae1d777d1257712538ae7bb2d31855de37fdde76f57e315a42c36af85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 16:18:31 GMT
x-content-type-options: nosniff
age: 187100
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2655
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 16:18:31 GMT

GET
H3 200 playstation_charte.png
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 3 KB
3 KB 74ms
73ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/playstation_charte.png?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77a925183c2fa15958c5f2e56ab6a4d330e2b0296f9af4d8b95398677bf96379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:21:56 GMT
x-content-type-options: nosniff
age: 158095
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2665
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 00:21:56 GMT

GET
H3 200 sun.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame B833 6 KB
6 KB 75ms
74ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/sun.jpg?1700216400989

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdcc9205fe74aab84dd7c95a500dc9c763576da670639444c8c4b70a5d8f2511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 10:36:49 GMT
x-content-type-options: nosniff
age: 294002
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6133
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 10:36:49 GMT

GET
H3 200 sun.jpg
s0.2mdn.net/sadbundle/2685014804156549817/images/ Frame E640 6 KB
6 KB 73ms
72ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2685014804156549817/images/sun.jpg

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdcc9205fe74aab84dd7c95a500dc9c763576da670639444c8c4b70a5d8f2511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2685014804156549817/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 06:40:17 GMT
x-content-type-options: nosniff
age: 135394
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6133
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:41:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 06:40:17 GMT

GET
H3 200 sun.jpg
s0.2mdn.net/sadbundle/15312430290876930110/images/ Frame A5B4 6 KB
6 KB 73ms
72ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15312430290876930110/images/sun.jpg?1700216400989

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdcc9205fe74aab84dd7c95a500dc9c763576da670639444c8c4b70a5d8f2511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15312430290876930110/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 10:36:49 GMT
x-content-type-options: nosniff
age: 294002
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6133
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:40:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 10:36:49 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 56ms
56ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FPC3XEC025&gtm=45je3bt0v9114174993z89114528700&_p=1702239404606&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1328873783.1702239405&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&sid=1702239405&sct=1&seg=0&dl=https%3A%2F%2Fgekka-no-kasumi.com%2F&dt=%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E&_s=2&tfd=12702
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FPC3XEC025&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gekka-no-kasumi.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gekka-no-kasumi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 55ms
55ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8PC0V2T516&gtm=45je3bt0v9114528700&_p=1702239404606&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1328873783.1702239405&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&sid=1702239406&sct=1&seg=0&dl=https%3A%2F%2Fgekka-no-kasumi.com%2F&dt=%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E&_s=2&tfd=12703
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8PC0V2T516&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gekka-no-kasumi.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gekka-no-kasumi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIpLSI-teFgwMVE_0RCB2huA8CEAAYACCqzM5iQhMIhL6h-deFgwMVRa-aCh0VnAJQ;dc_eps=AHas8cBqqzWX2tNMwwxtFKGfQXQlE77NOyoCxKAH8oq0rQk4uF4KUivOb9hLrQQ5o09WECguko-eIrY;met=1;&timestamp=1702239419397;eid1...
ade.googlesyndication.com/ddm/activity/ Frame 6583 42 B
107 B 281ms
111ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIpLSI-teFgwMVE_0RCB2huA8CEAAYACCqzM5iQhMIhL6h-deFgwMVRa-aCh0VnAJQ;dc_eps=AHas8cBqqzWX2tNMwwxtFKGfQXQlE77NOyoCxKAH8oq0rQk4uF4KUivOb9hLrQQ5o09WECguko-eIrY;met=1;&timestamp=1702239419397;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIkeeD-teFgwMVWAdVCB1MgASUEAAYACDfsM5iQhMIhb6h-deFgwMVRa-aCh0VnAJQ;dc_eps=AHas8cDC0K_7bpAfZvwwPE2h02dcg9AUVZ8ulbnKQvBluNT91xHXJT8dE69iTm8-IM5JQFItDlxFNCQ;met=1;&timestamp=1702239419448;eid1...
ade.googlesyndication.com/ddm/activity/ Frame 84E6 42 B
107 B 231ms
112ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkeeD-teFgwMVWAdVCB1MgASUEAAYACDfsM5iQhMIhb6h-deFgwMVRa-aCh0VnAJQ;dc_eps=AHas8cDC0K_7bpAfZvwwPE2h02dcg9AUVZ8ulbnKQvBluNT91xHXJT8dE69iTm8-IM5JQFItDlxFNCQ;met=1;&timestamp=1702239419448;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIrKmA-teFgwMVAkPlCh27Rg22EAAYACCqzM5iQhMIg76h-deFgwMVRa-aCh0VnAJQ;dc_eps=AHas8cDIMAcT4Y607QkFnn6GUj7u_C1la9QP3kybvHuX42-Fjp3H7p4APMpoG3SUSzgmeXxend4I5g0;met=1;&timestamp=1702239419449;eid1...
ade.googlesyndication.com/ddm/activity/ Frame 30E9 42 B
401 B 228ms
111ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIrKmA-teFgwMVAkPlCh27Rg22EAAYACCqzM5iQhMIg76h-deFgwMVRa-aCh0VnAJQ;dc_eps=AHas8cDIMAcT4Y607QkFnn6GUj7u_C1la9QP3kybvHuX42-Fjp3H7p4APMpoG3SUSzgmeXxend4I5g0;met=1;&timestamp=1702239419449;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:16:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DRK1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 48 KB
0 643ms
642ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRK1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:17:05 GMT
last-modified: Thu, 13 Oct 2022 08:30:21 GMT
server: nginx
etag: "3d291-5eae651e9adb9"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 250513
expires: Sun, 17 Dec 2023 20:17:05 GMT

GET
H2 200 GNB1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 213 KB
213 KB 642ms
642ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/GNB1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: ed3c5bf39d8a53722d045a9d7688bc17e6940df622fafcd0651baf6bac741636

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:17:05 GMT
last-modified: Thu, 13 Oct 2022 08:30:29 GMT
server: nginx
etag: "352cc-5eae6526c4b09"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 217804
expires: Sun, 17 Dec 2023 20:17:05 GMT

GET
H2 200 NIN1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 276 KB
276 KB 322ms
322ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/NIN1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 16c882993a940c7402192bffff614fdbd22968efca99bac650063e7acc4dfa1b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:17:08 GMT
last-modified: Thu, 13 Oct 2022 08:29:35 GMT
server: nginx
etag: "44f11-5eae64f2d7cba"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 282385
expires: Sun, 17 Dec 2023 20:17:08 GMT

GET
H2 200 dc_oe=ChMIpLSI-teFgwMVE_0RCB2huA8CEAAYACCqzM5iQhMIhL6h-deFgwMVRa-aCh0VnAJQ;dc_eps=AHas8cBqqzWX2tNMwwxtFKGfQXQlE77NOyoCxKAH8oq0rQk4uF4KUivOb9hLrQQ5o09WECguko-eIrY;met=1;&timestamp=1702239429400;eid1...
ade.googlesyndication.com/ddm/activity/ Frame 6583 42 B
107 B 110ms
109ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:17:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIkeeD-teFgwMVWAdVCB1MgASUEAAYACDfsM5iQhMIhb6h-deFgwMVRa-aCh0VnAJQ;dc_eps=AHas8cDC0K_7bpAfZvwwPE2h02dcg9AUVZ8ulbnKQvBluNT91xHXJT8dE69iTm8-IM5JQFItDlxFNCQ;met=1;&timestamp=1702239429454;eid1...
ade.googlesyndication.com/ddm/activity/ Frame 84E6 42 B
107 B 111ms
110ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:17:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIrKmA-teFgwMVAkPlCh27Rg22EAAYACCqzM5iQhMIg76h-deFgwMVRa-aCh0VnAJQ;dc_eps=AHas8cDIMAcT4Y607QkFnn6GUj7u_C1la9QP3kybvHuX42-Fjp3H7p4APMpoG3SUSzgmeXxend4I5g0;met=1;&timestamp=1702239429466;eid1...
ade.googlesyndication.com/ddm/activity/ Frame 30E9 42 B
107 B 111ms
110ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 20:17:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 MNK1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 207 KB
207 KB 641ms
641ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/MNK1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 297c0d7825ebb6743ab5898c1f7c12c459c975cc8999eae82c0e62bab5f45b74

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:17:11 GMT
last-modified: Thu, 13 Oct 2022 08:29:49 GMT
server: nginx
etag: "33abb-5eae6500732ca"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 211643
expires: Sun, 17 Dec 2023 20:17:11 GMT

GET
H2 200 DRG1-640x360.png
gekka-no-kasumi.com/wp-content/uploads/2022/10/ 261 KB
261 KB 322ms
322ms Image
image/png 183.181.96.20
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gekka-no-kasumi.com/wp-content/uploads/2022/10/DRG1-640x360.png
Requested by: Host: gekka-no-kasumi.com
URL: https://gekka-no-kasumi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.20 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12659.xserver.jp
Software: nginx /
Resource Hash: 1b92d601922abf7afc05dc7c5840db3d92ccce7e0f2c2cd0394c7542867e9407

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gekka-no-kasumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:17:14 GMT
last-modified: Thu, 13 Oct 2022 08:29:56 GMT
server: nginx
etag: "413f3-5eae6506ade45"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 267251
expires: Sun, 17 Dec 2023 20:17:14 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ir-jp.amazon-adsystem.com
URL: https://ir-jp.amazon-adsystem.com/e/ir?t=harukasetsuna-22&language=ja_JP&l=li2&o=9&a=B071WK62JG

Domain: ir-jp.amazon-adsystem.com
URL: https://ir-jp.amazon-adsystem.com/e/ir?t=harukasetsuna-22&language=ja_JP&l=li2&o=9&a=4757579004

Domain: ir-jp.amazon-adsystem.com
URL: https://ir-jp.amazon-adsystem.com/e/ir?t=harukasetsuna-22&language=ja_JP&l=li2&o=9&a=B08W3SL6T7

Domain: ir-jp.amazon-adsystem.com
URL: https://ir-jp.amazon-adsystem.com/e/ir?t=harukasetsuna-22&language=ja_JP&l=li2&o=9&a=B09SG3RW69

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gekka-no-kasumi.com/	1970-01-21 02:26:39	Name: _ga_561MLEJ5LJ Value: GS1.1.1702239405.1.0.1702239405.0.0.0
.gekka-no-kasumi.com/	1970-01-21 02:26:39	Name: _ga Value: GA1.2.1328873783.1702239405
.gekka-no-kasumi.com/	1970-01-20 16:52:05	Name: _gid Value: GA1.2.1235522349.1702239407
.gekka-no-kasumi.com/	1970-01-20 16:50:39	Name: _gat_gtag_UA_214735621_1 Value: 1
.gekka-no-kasumi.com/	1970-01-20 16:50:39	Name: _gat_gtag_UA_214735621_2 Value: 1
.doubleclick.net/	1970-01-21 02:26:39	Name: IDE Value: AHWqTUmfN6XmQ6Z3MyWG0MSzFr-7JPzsayYsBVf7KNs_V1i7YndwU1UWpNT7-Mmd
.gekka-no-kasumi.com/	1970-01-21 02:12:15	Name: __gads Value: ID=9fb7c9436374f763:T=1702239407:RT=1702239407:S=ALNI_MYQgeK-Z2WRj0x73QrArTfeNyz8vQ
.gekka-no-kasumi.com/	1970-01-21 02:12:15	Name: __gpi Value: UID=00000d115aaa2540:T=1702239407:RT=1702239407:S=ALNI_MZFVWI3FsFJ1nFMQgmkYEa76OVW9A
.casalemedia.com/	1970-01-21 01:36:15	Name: CMID Value: ZXYcsD95mkQ.QfbBqFROIwAA
.casalemedia.com/	1970-01-20 19:00:15	Name: CMPS Value: 1827
.casalemedia.com/	1970-01-20 19:00:15	Name: CMPRO Value: 1827
.adnxs.com/	1970-01-20 19:00:15	Name: uuid2 Value: 7496511691779590436
.adnxs.com/	1970-01-20 19:00:15	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In1iy`3R!]tbPl1M>e)ZlrFUfJ+tGXxpS_g*ie=7#tE:Dsc5HSz[A<U(R%`dV[l5hi:Z3If)y3KL9D3I?+g=K_Jf
.doubleclick.net/	1970-01-20 16:50:43	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 21:09:51	Name: APC Value: AfxxVi5tq6I-he11PVxeExAv5nbnnkJftMSjEFE2k5zTIwZJ-IJMkQ
.gekka-no-kasumi.com/	1970-01-21 02:26:39	Name: _ga_FPC3XEC025 Value: GS1.1.1702239405.1.0.1702239408.0.0.0
.gekka-no-kasumi.com/	1970-01-21 02:26:39	Name: _ga_8PC0V2T516 Value: GS1.1.1702239406.1.0.1702239408.0.0.0

32 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://gekka-no-kasumi.com/ Message: Mixed Content: The page at 'https://gekka-no-kasumi.com/' was loaded over HTTPS, but requested an insecure element 'http://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E_%E7%99%BD%E6%96%87%E5%AD%97.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gekka-no-kasumi.com/ Message: Mixed Content: The page at 'https://gekka-no-kasumi.com/' was loaded over HTTPS, but requested an insecure element 'http://gekka-no-kasumi.com/wp-content/uploads/2022/01/%E5%85%A8%E8%88%AC.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gekka-no-kasumi.com/ Message: Mixed Content: The page at 'https://gekka-no-kasumi.com/' was loaded over HTTPS, but requested an insecure element 'http://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E_%E7%99%BD%E6%96%87%E5%AD%97.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gekka-no-kasumi.com/ Message: Mixed Content: The page at 'https://gekka-no-kasumi.com/' was loaded over HTTPS, but requested an insecure element 'http://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E_%E7%99%BD%E6%96%87%E5%AD%97.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gekka-no-kasumi.com/(Line 631) Message: Mixed Content: The page at 'https://gekka-no-kasumi.com/' was loaded over HTTPS, but requested an insecure element 'http://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E_%E7%99%BD%E6%96%87%E5%AD%97.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gekka-no-kasumi.com/(Line 631) Message: Mixed Content: The page at 'https://gekka-no-kasumi.com/' was loaded over HTTPS, but requested an insecure element 'http://gekka-no-kasumi.com/wp-content/uploads/2022/01/%E5%85%A8%E8%88%AC.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gekka-no-kasumi.com/(Line 631) Message: Mixed Content: The page at 'https://gekka-no-kasumi.com/' was loaded over HTTPS, but requested an insecure element 'http://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E3%83%98%E3%83%83%E3%83%80%E3%83%BC%E8%83%8C%E6%99%AF%E8%A9%A6%E4%BD%9C5.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gekka-no-kasumi.com/ Message: Mixed Content: The page at 'https://gekka-no-kasumi.com/' was loaded over HTTPS, but requested an insecure element 'http://gekka-no-kasumi.com/wp-content/uploads/2022/10/004-2_maru.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gekka-no-kasumi.com/(Line 1748) Message: Mixed Content: The page at 'https://gekka-no-kasumi.com/' was loaded over HTTPS, but requested an insecure element 'http://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E_%E7%99%BD%E6%96%87%E5%AD%97.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gekka-no-kasumi.com/(Line 1748) Message: Mixed Content: The page at 'https://gekka-no-kasumi.com/' was loaded over HTTPS, but requested an insecure element 'http://gekka-no-kasumi.com/wp-content/uploads/2021/08/%E6%9C%88%E4%B8%8B%E3%83%8E%E9%9C%9E_%E7%99%BD%E6%96%87%E5%AD%97.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%83%AA%E3%83%A5%E3%82%A6%E3%83%9F%E3%83%B3%20R-KL&fonts[str]=fC7mnIjkuIvjg47pnJ7pgZnvvLzmsJfou73jgavjg5Xjgqnjg63jg7zjgZfjgabjga3vvIHvvI%2FjgrPjg5RMSU5FUG9ja2V044Gv44OWRmFiVHdpcuOCt%2BOCp%2BOCouOBmeOCiyhkc3lnbD1uW10pcHVoe30744OX44Op44Kk44OQ44Od44Oq44GK5ZWP44GE5ZCI44KP44Gb44Gd44Gu5LuW44CB5LuV5...fjgb7jg7vmiKbpl5jlhajoiKzphY3kv6HopovjgarjgaPjgYzjgrrnp7vooYzlvozmsLTpgYHmmYLjgr%2FjgrLjg4jjgY%2FpgKPmiZPjgZXjgozjgojjgYLoh6rli5VRJkHjgajjgZHjgbg2NOS%2Bv%2BOBoeWIpeODoOi2o%2BWRs%2BWAi%2BS6uueahOOCquOCuea8q%2BeUu%2BODi%2BOCk%2BOCgueUsemAgeOCr%2BOCqOWGheWuueODiuWMv%2BWQjeOCsOS9k%2BODpeaghOOBiOiJr%2BaAneaEn%2BaDs%2BOCo%2BODieWsieiomOOBnOOBsuODs%2BW5uOOCq%2BODhuOCtOiqreOCgDPjgJDjgJHmmpfpu5LpqI7lo6vnhYnnjYTnt6jpm7blvI%2FlsaTpq5jngavlipvjgq3kvovjg6zlv43ogIV244KB44Oe56ucNTnop6Poqqzlv5znlKjmnIDmlrDnnYDnn6Xjg5s%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%83%AA%E3%83%A5%E3%82%A6%E3%83%9F%E3%83%B3%20R-KL&fonts[str]=fC7mnIjkuIvjg47pnJ7pgZnvvLzmsJfou73jgavjg5Xjgqnjg63jg7zjgZfjgabjga3vvIHvvI%2FjgrPjg5RMSU5FUG9ja2V044Gv44OWRmFiVHdpcuOCt%2BOCp%2BOCouOBmeOCiyhkc3lnbD1uW10pcHVoe30744OX44Op44Kk44OQ44Od44Oq44GK5ZWP44GE5ZCI44KP44Gb44Gd44Gu5LuW44CB5LuV5...fjgb7jg7vmiKbpl5jlhajoiKzphY3kv6HopovjgarjgaPjgYzjgrrnp7vooYzlvozmsLTpgYHmmYLjgr%2FjgrLjg4jjgY%2FpgKPmiZPjgZXjgozjgojjgYLoh6rli5VRJkHjgajjgZHjgbg2NOS%2Bv%2BOBoeWIpeODoOi2o%2BWRs%2BWAi%2BS6uueahOOCquOCuea8q%2BeUu%2BODi%2BOCk%2BOCgueUsemAgeOCr%2BOCqOWGheWuueODiuWMv%2BWQjeOCsOS9k%2BODpeaghOOBiOiJr%2BaAneaEn%2BaDs%2BOCo%2BODieWsieiomOOBnOOBsuODs%2BW5uOOCq%2BODhuOCtOiqreOCgDPjgJDjgJHmmpfpu5LpqI7lo6vnhYnnjYTnt6jpm7blvI%2FlsaTpq5jngavlipvjgq3kvovjg6zlv43ogIV244KB44Oe56ucNTnop6Poqqzlv5znlKjmnIDmlrDnnYDnn6Xjg5s%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%83%AA%E3%83%A5%E3%82%A6%E3%83%9F%E3%83%B3%20R-KL&fonts[str]=fC7mnIjkuIvjg47pnJ7pgZnvvLzmsJfou73jgavjg5Xjgqnjg63jg7zjgZfjgabjga3vvIHvvI%2FjgrPjg5RMSU5FUG9ja2V044Gv44OWRmFiVHdpcuOCt%2BOCp%2BOCouOBmeOCiyhkc3lnbD1uW10pcHVoe30744OX44Op44Kk44OQ44Od44Oq44GK5ZWP44GE5ZCI44KP44Gb44Gd44Gu5LuW44CB5LuV5...fjgb7jg7vmiKbpl5jlhajoiKzphY3kv6HopovjgarjgaPjgYzjgrrnp7vooYzlvozmsLTpgYHmmYLjgr%2FjgrLjg4jjgY%2FpgKPmiZPjgZXjgozjgojjgYLoh6rli5VRJkHjgajjgZHjgbg2NOS%2Bv%2BOBoeWIpeODoOi2o%2BWRs%2BWAi%2BS6uueahOOCquOCuea8q%2BeUu%2BODi%2BOCk%2BOCgueUsemAgeOCr%2BOCqOWGheWuueODiuWMv%2BWQjeOCsOS9k%2BODpeaghOOBiOiJr%2BaAneaEn%2BaDs%2BOCo%2BODieWsieiomOOBnOOBsuODs%2BW5uOOCq%2BODhuOCtOiqreOCgDPjgJDjgJHmmpfpu5LpqI7lo6vnhYnnjYTnt6jpm7blvI%2FlsaTpq5jngavlipvjgq3kvovjg6zlv43ogIV244KB44Oe56ucNTnop6Poqqzlv5znlKjmnIDmlrDnnYDnn6Xjg5s%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%95%E3%81%8F%E3%82%89%E3%81%8E%E8%9B%8D%E9%9B%AA&fonts[str]=44Kr44OG44K044Oq44O8RjE06Zai6YCj44Kw44OD44K644Of44Op44OX44Ks44Oz44OW44Os44Kk5pqX6buS6aiO5aOr44OR5L6N56uc44Oi44Kv5b%2BN6ICFUSZB44Go44Oh44K744K444G444Gu5Zue562U6LOq5ZWP44O744GK5L6%2F44KK44Kz44OK6YGZ44GL44KJ55%2Bl44Gb5Yil5paw552A6KiY5LqL5pyA44Ob44OgMA%3D%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%95%E3%81%8F%E3%82%89%E3%81%8E%E8%9B%8D%E9%9B%AA&fonts[str]=44Kr44OG44K044Oq44O8RjE06Zai6YCj44Kw44OD44K644Of44Op44OX44Ks44Oz44OW44Os44Kk5pqX6buS6aiO5aOr44OR5L6N56uc44Oi44Kv5b%2BN6ICFUSZB44Go44Oh44K744K444G444Gu5Zue562U6LOq5ZWP44O744GK5L6%2F44KK44Kz44OK6YGZ44GL44KJ55%2Bl44Gb5Yil5paw552A6KiY5LqL5pyA44Ob44OgMA%3D%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%95%E3%81%8F%E3%82%89%E3%81%8E%E8%9B%8D%E9%9B%AA&fonts[str]=44Kr44OG44K044Oq44O8RjE06Zai6YCj44Kw44OD44K644Of44Op44OX44Ks44Oz44OW44Os44Kk5pqX6buS6aiO5aOr44OR5L6N56uc44Oi44Kv5b%2BN6ICFUSZB44Go44Oh44K744K444G444Gu5Zue562U6LOq5ZWP44O744GK5L6%2F44KK44Kz44OK6YGZ44GL44KJ55%2Bl44Gb5Yil5paw552A6KiY5LqL5pyA44Ob44OgMA%3D%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%97%E3%81%BE%E3%81%AA%E3%81%BF&fonts[str]=44K%2F44Oz44Kv44Oh44Os44O8MA%3D%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%97%E3%81%BE%E3%81%AA%E3%81%BF&fonts[str]=44K%2F44Oz44Kv44Oh44Os44O8MA%3D%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%97%E3%81%BE%E3%81%AA%E3%81%BF&fonts[str]=44K%2F44Oz44Kv44Oh44Os44O8MA%3D%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%83%AA%E3%83%A5%E3%82%A6%E3%83%9F%E3%83%B3%20R-KL&fonts[str]=fC7mnIjkuIvjg47pnJ7pgZnvvLzmsJfou73jgavjg5Xjgqnjg63jg7zjgZfjgabjga3vvIHvvI%2FjgrPjg5RMSU5FUG9ja2V044Gv44OWRmFiVHdpcuOCt%2BOCp%2BOCouOBmeOCiyhkc3lnbD1uW10pcHVoe30744OX44Op44Kk44OQ44Od44Oq44GK5ZWP44GE5ZCI44KP44Gb44Gd44Gu5LuW44CB5LuV5...fjgb7jg7vmiKbpl5jlhajoiKzphY3kv6HopovjgarjgaPjgYzjgrrnp7vooYzlvozmsLTpgYHmmYLjgr%2FjgrLjg4jjgY%2FpgKPmiZPjgZXjgozjgojjgYLoh6rli5VRJkHjgajjgZHjgbg2NOS%2Bv%2BOBoeWIpeODoOi2o%2BWRs%2BWAi%2BS6uueahOOCquOCuea8q%2BeUu%2BODi%2BOCk%2BOCgueUsemAgeOCr%2BOCqOWGheWuueODiuWMv%2BWQjeOCsOS9k%2BODpeaghOOBiOiJr%2BaAneaEn%2BaDs%2BOCo%2BODieWsieiomOOBnOOBsuODs%2BW5uOOCq%2BODhuOCtOiqreOCgDPjgJDjgJHmmpfpu5LpqI7lo6vnhYnnjYTnt6jpm7blvI%2FlsaTpq5jngavlipvjgq3kvovjg6zlv43ogIV244KB44Oe56ucNTnop6Poqqzlv5znlKjmnIDmlrDnnYDnn6Xjg5s%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924
other	warning	URL: https://gekka-no-kasumi.com/ Message: Failed to decode downloaded font: https://webfonts.xserver.jp/advance/mkfont/ja/107/ts?condition=e38123f77e9d6dc18df78efa3e2dfa1f&eid=K18MUcZzRRA%3D&location=https%3A%2F%2Fgekka-no-kasumi.com%2F&bw[name]=Chrome&bw[ftf]=0&bw[os]=Windows&fonts[family]=%E3%81%95%E3%81%8F%E3%82%89%E3%81%8E%E8%9B%8D%E9%9B%AA&fonts[str]=44Kr44OG44K044Oq44O8RjE06Zai6YCj44Kw44OD44K644Of44Op44OX44Ks44Oz44OW44Os44Kk5pqX6buS6aiO5aOr44OR5L6N56uc44Oi44Kv5b%2BN6ICFUSZB44Go44Oh44K744K444G444Gu5Zue562U6LOq5ZWP44O744GK5L6%2F44KK44Kz44OK6YGZ44GL44KJ55%2Bl44Gb5Yil5paw552A6KiY5LqL5pyA44Ob44OgMA%3D%3D
other	warning	URL: https://gekka-no-kasumi.com/ Message: OTS parsing error: invalid sfntVersion: 791289924

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
ajax.googleapis.com
blog.with2.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.createjs.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gekka-no-kasumi.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
img.finalfantasyxiv.com
ir-jp.amazon-adsystem.com
lds-img.finalfantasyxiv.com
m.media-amazon.com
pagead2.googlesyndication.com
region1.google-analytics.com
s0.2mdn.net
t0.gstatic.com
tpc.googlesyndication.com
webfonts.xserver.jp
ws-fe.amazon-adsystem.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www17.a8.net
www22.a8.net
ir-jp.amazon-adsystem.com
104.64.170.193
142.250.186.130
142.250.186.34
142.250.186.66
153.120.49.87
172.64.151.101
183.181.96.20
185.89.210.101
2001:4860:4802:32::36
202.226.37.225
2600:9000:2490:ae00:1d:d7f6:39d3:7a61
2606:4700::6810:5714
2606:4700::6811:180e
2a00:1450:4001:800::2002
2a00:1450:4001:802::200a
2a00:1450:4001:803::2006
2a00:1450:4001:80f::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2008
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a02:26f0:c900:8::5f65:4adf
3.112.186.112
52.119.170.28
52.222.236.32
01dceac7a8797dcddad1b2a00bf41e977e8418b003022416e10d0de696775718
03c762b9364316fe254b87db0a3b3b418de66c2334d7b3d0d5af597c1fc35fcf
03c8a2ac1af4021e48cd150019936388ef7179090ca15635b6e68a001013af69
043dd72980c84b4a315680bb6d62b2fdb19acc739d3bfe8596c99bbba6255c1e
05c93a027b08e9a14b6dd0aab92b1f1ce8e397e2ef1fe272c73842749252a508
05e0f8bae1d777d1257712538ae7bb2d31855de37fdde76f57e315a42c36af85
07463065874649f8f8795c60019f59f5f4912c4ebbadda4902be5e6d8fcb074f
07ed98a3b2e3e5f1d3c8f5feb13211b469f30dd6aba8274652a10aeea3c44c7f
08fe1a5b549627b1d380caabd8ff66edb6e1ab5b447e95d5ee2ca511a04048bc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb5af18639dfc54932f4340945c1dceeb1e5aac5933b578f2ab597f29137599
0d052eb319092f5a678b279318f8c23f1fb61e41f4cda5c68812a43fd278615c
0df8f36c85be246cd1f54f20642fc682c61d19784656eb35d11af61f01e4bd40
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1086df38a170754eeb6e103d7a6b7e985b7dac21ee58431381a31865493697bd
12a391d5a481e671c153303324be8365250683fba215b1bc3800152bd27d62f6
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16ae355a44618e8930477d56bffb4b03b27811ac47cf025a03b88392772b8fd5
16c882993a940c7402192bffff614fdbd22968efca99bac650063e7acc4dfa1b
16d7264d40c92dad23bd3625cf3ea1bdf458ec5aca20c86e2a4e2942073a48c2
1771aad88d0164b8f869d097851c94cc83d1a837f12fe8de39d0f309fe45f33c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ec62a7cf6e9f6bc62d924850886f6c65cc108e32d077d57a6ab591ecacf156
1b2b9e59887c17ed0a61af10a7d94cd8d7856e7d3780a0f71a7f09ef31a86d76
1b92d601922abf7afc05dc7c5840db3d92ccce7e0f2c2cd0394c7542867e9407
1baae8e47e441abac03b5be86bc0c92464fd273e6025d80ddc6b1827bd36af92
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
20cec3a1aa8cc4bbf688918605185230d5ffc725b2c36c155ffeddd2e93417ad
20f10af39ce515ef6555b1214483b829e36e457908bd93a55b1d4837ac852a40
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
27d7cbd0f47b3c947ec845d47d830d0393d5c0a9fae65eab6b490c79ff2214b9
297c0d7825ebb6743ab5898c1f7c12c459c975cc8999eae82c0e62bab5f45b74
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2db3edbb4338c0357720209dbac84b1697f727c84273e1bb4abaf2e39ab21d05
30a2e2cc314fc6d4d4e3cf0a81acac72ed88177c55391ccca041fd7499ab0561
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3178bb1690f47a0d14c672e294c63adde0592e2afc80d46c8fcd72206ee09d5d
31c9cbdd2680df18700bfae8026599481379a9974964bd3b931a4da8411d6bc6
324ecd7340ad5d2b3159f93348854cd9cfcd7edcf34f6508e3ca4ffd7a063d4a
3366c9a13a670b1f53202a99d7fa0de311822a2d58bb05a06fcf273e5a99b2fc
36664f6529c5d8217af1fb3b55daaf23489bab6e97e7960e4a52495f41272036
372fa4b0f21bf643d55f67f3fa831cc7ab480b91cd11fcc850ebb44cc490b93e
3739e2f17787f5fcd80ff4714b96dc56841ee427bb6827fb70d788b1a77af1fa
3751104d350d8d0f8e470dee328af04f3756fc00f456da97df1be9ebc05fac6e
375bf4555ec7b573b0e8f79f7005d93bf6eef5c06e5ecd3e2300fc7edf62be58
3854779897861fc0c29a85ce47b8ab3456fa239f0d8484d77e8737ea3abaf738
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a09d95b1b8242c2cca4d97b1a50690a2bafb042966a7fddb91b0cb8917f3299
3d4c84c1644ec2fcf6e59cf9b576e2be1aeddd8011de89fd0427a0ef2315a694
3e6afb8779ad0f8807117dcf9e35a6e107dc9ebea37a2caa5bfa45ecae3491cc
40b64b933931e3e0eb6f2f53046293ba8a88476634c2a458117bf8d59597b766
416dfff70a0941f532af5b1b053c7f77c6b1f1dc1bffe92b3b6e6ac57075bab2
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
427a692ab6dc95c7cbaa2bb4fc96a03729d6f332b3d9eb2a0a98e77831dea0fb
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43d3f6fa74e8bc27524ad482620e80bf4b3c94ea1cf239837ae74b8093866a81
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
45ae39b83ce75a8dbf0febf1e5b630fc54a713039ccfad6b46238212a1b858a9
478df55aba2de863cf27ce374453298ae960a1562580b9bffc125cdb6fd0e346
48785a4d40b13f059fd7e607381728675d534d26c8bd4bbab39917fdcfcfd4df
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f1f4e593f921fab2bcd47af225853a0126e5666549117c32926640790607673
4f5be18bfb9a65abec19d2ab187a3d5008b55d193811fa5557a19ba2247d0b33
50b415d35552f4b088d9e3e92ec9a46be5b499ac05a44034aedc677b3523e00e
56a76001e47f0b1f5e421956fef054f349943e793501faad19dc63429395e425
59c17570d4f97bcc025b337acf5bc8d348e7f56796913806292a41da82b30f25
5bbf0b6502199ad3bfdac4d910b304ad0fd6a07d38f13d386b433829c2b651b3
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c80505133c2b387dbe571c9b908be7e815b86ec57d1cb8de7f1b8212cb0d304
5cbbd4c70dd9505c880c33a1d33ec9996531d00cdd6a80786446d44d1c34b2fa
5d76ce57e286c2eee0fdaf6fd10764d93d24f25c1cd2f65b026985cab4fff419
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6191255f831d1bce275c2b2480bacc8042c70d6e3ba24279f18e53235b54c62b
61fd9f7b7f48caa12170ed562a9d00b948b26a6381550005ba6b3f75e26616f4
62d488ea36e8a9825f058050d92c778e9734e929f4c68289f884c4f980d93b2e
657fbf62eea1048fca2d04b73ac0eeb62d3722fe232dd52f896c2c0e452584f4
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67207cef0f7e5f997e6c53a1eb2e2ff9623a3806973b4d455552eb8984508a67
677f16abe5b4b304b00dfac39f98b1fcbfde271ca22ffb3099fd0cc6bf80a524
6821ca4ae2508bdba08e189040928a0769f0a71b12fdd4325c3ae80ef5636bb8
68786a0d96efc556026d729da8463f547ec0da396866b2ad0260d503fb17b5e1
695e0b318a3127cd115b3fcc46944461c1545157479c1d01feb0d0c58f904149
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6a22214499239ad40449a746be3908bdbb4d50373b95ee7a33c962e5c0b79195
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f
702706bb34de6eeddcb094ef47f54f7e27a4c1990e205aa66c533a8482ed9d85
70a01c74e416d55d22922317d3aad135253a47e1042c1441d3867ddf3f13b0c0
70b31859862eb4792df8aa4daa383b355918490f84d956eb5ec12f3aa53b98bd
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
72c5a077497c33886c4f42b050cc9714d7c022168299342ae9a12237222ce213
742defd20336d8ac878b62e675d77e1d1f723bc5b71c9278cc5b98de626e1f65
747c6addfd2413b959c79c25a91439206eb57ae02ea9bd5664405143ef223de7
750d4f1e0b8fdb69f378820bb89ee33cb089bf55815c8b392acebd1dd5217657
75db663f63c3505c2d1d2c41b82da41465bcd39b390516728f7fd323f95f644e
7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3
77a925183c2fa15958c5f2e56ab6a4d330e2b0296f9af4d8b95398677bf96379
78b89aa4b48f508c7833c2b177c7f16d803f9cbac869771b2434968a5b4454b6
7a6a220226db4936bcab37bb045ce68aae5da7bfa1bb1e94251c57f8def5266e
7bfdab3639f65de3a7ee3739e6fe2fd8d7caafd7c84d81d59aee168127149ff7
807b626980aa2f6b984a501a2cb507da8973736f4cf71fd356c28087dc55aa29
80f72478bff029d379adc18094e8c2e05a903f9df33cc3cf4b6b20c8a2011cc0
82dfce8760ca230bb796f728f5444cec9f3611c94bfe33298cad70aa524e0eb2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
870c782e7adf8218b1599dc0a2e3e79c87eaa6aecbacd74c3fda4572501c5511
8bebf0d4ddf01b1b36bc61508a9f49506b4470bd9b43155c925cff5bf5aa25a9
8c3b3708dd61923b22cf7fc2af1f7afc2818dc672a72cfe38c032c65929db1bc
8cf6b0ea38e65bd94401db5eebd6949b56fee5f488ce95bb36703e45755a6b62
8d4665e82b9cbc20bce6de0bcb119f30f168c1f5d286969c9064ed271db92d8f
8db907d98173c24e0697eee04d69924d42f7b79f40bd8e02c4fc62aa7a77044e
8ea6da7f66ffc4e7b4026c12ba6e669ff11620555c8dcfd2cb7ddcb3e8376b35
96804ca351bd316085be362f11ec8d96b4eb5bc671f09fc7c9bc2f5eb6a498b7
97f65015a491719ae9dbf1afc7948f8e57f946a6822c6a924fb5826265e89af6
99a82385c107ac5efac03331fbe9a779a18d14730c2b769027b6669ffd91faa3
99e53bb31e43c292021c755283b7f8cbcc3efa6db50ddab953e352a20f541b75
9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a
9c923dd603f1f856930fef96bee2cb3e221e9197fa78d966b5f69d7977e0005e
9f0f8495b6aa810aa13618bb9c1f22d7212e887024ab5381671be8f0619f6832
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a0fadfcb29de9d60aa0ef729fca932b7c31910e4a096864010157b123ec9f4d7
a22e3c7d89e61398dc64b45ca7608cacf7405f6f552642769c4214f75038d3cf
a22eb9b68ecc267209d105c2e37651bfe008b8db88b81f4c001c3d2504b6ae15
a330a0196da3072001cf3494d57e3ae7bd7ed26db7214a24e9f7488d2e7e9d54
a4a297be9e07aa9382d21796dbb404206b5b56a98eb916cee2fc9dca18d43529
a4c1fcbb01950ab0236ded2c62af221a31e38daa8ba8bd73fecac91402da8705
a6385fd389127baaf589b604b0573565a85e4c660e20a4e7307c964d5046da50
a6b2beebe66e30194a1e4623bd545df675a6fa8356f1e24efbbb0fb1ca7fb0db
a8bf738eb3962036e3b131260550f452f292a6d392993f3c05c2f438829d0b67
a945b38123553f00373e1b55e984c4aa642a6416aabe61e9b1810fa0684ed4ff
a9db2e1b815a1de1440efcca7a74f60252c315da44774ebf78d29440e05a6c25
aa4ce1879084683ab392c6268fa0f034572ed9e9c22b5db9bf3ee142ac8dfaa8
abd30ce315ff361f1b9ec565aabe8b8057c3ee5b1e7df5378c8eddce38f4f430
ac3ffb71b2f89868c908d62364b8512502aa9b8ff6f12eb192f510ad9b349330
ad163f38e07adcf5b324e9ff12bf50beb763539dfaba69278f141bb14144b39a
af0f96462799a9eccfa6c5a30819ea991f9c0c4eddaa2984a638dc473c03ce2f
b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b182ce9818749272518c3638442485626394afd6ac6cc38ff7a2f882c3253373
b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067
b5da7316f6aba1d9e5d7a912dd6d381311efb8959a35e108416d570c8745fbab
b6ac8b24ca31665d032bf7d76681db833757aa35654ead386de8125e040bb537
b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab
b96773c4b9e609994855c2ff9b4463610ee73c5a4a3f11938d88dcc2894d1c16
bb902f8c758e42501777d1f999bf1f6954bfc6b1729c5f748a85ceb0a1e5418c
bdcc9205fe74aab84dd7c95a500dc9c763576da670639444c8c4b70a5d8f2511
c21dc968819eab15345ca6f57d18f258e4d54479aeb570d07b03daaf731c311c
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2ca44748573300c502d74ce68e4ab57ff952e496d0327a1a48040cade4784ba
c364cef4508d2a28e0bd8117ee3f512101e91bd7f8c784514fc277bb4615e13e
c54947e67503bb21778d64789ceac992de7249f7cbcfea7dc233e7db5c2a72fa
c7e4b214068cce010314ad81890bf22e525883bead39ddb8ca247a84794c3ac1
c81d4bf80a43b24660f1eb1e0884bfa90790e644f781a30c596d1b05f6c77af3
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c9fefa23da3533747fdfe64cd273aba048ebb8a96fcf5d7ffc983699097c2c0c
ca97d0fea3d504255677af9171d164f2deae9ce7938797a283d9ef16be7b39b9
cae133251ac87a0262ef320408201c7be43766447246858f1eaaae41c0e7ffb6
caed392a399c3ab794fc055c3ea59f1a99230f67bf05fdae5f422344c36f771e
cc4a3abaab97dbcd71253b20c906c1d63a3299a41f1ea3363e909ed143b2af42
cdbcb41557b2860c3e955d41f5a14ec5f5e7fcff150d5a5a3583a0283400dbe1
cdcaa771e7265ff69e374f9fef053fd9ae91567074983aa1a61bf74a3001490b
d0006a87f68b26d4775b6d118939f02cb694e787fe4e94cd1248bd46a17b3364
d04b1faa2da8b85f4f650a0ed3645bb5aee8b8faa5ce054de1115b315059ad68
da377ffa6f82aa6f6a7c8955c9264c98fc8561e9cd1511d51500cb07c407b405
dab69af700e302b9d41e9267aeff95d778fe26e000f4038b7b07cc1e3c87034e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df923467de95c6d8557266b0445c599566806656007e801e95b2d7b00a0a56d1
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2fa69feab176160c642026437a980e8d82132c225290fcfb0c50a333dd31552
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e5012081d6d2190f7cef10df3b8a19dbda725c430ebf8931b56e820b10e8e587
e5b5d7d2728e8f590947a918321b0da9e2a6525ddc741dab8ef622b998cd8eb4
e5f52b2bc981cba3f144507b8256b6b64fa6eb5b7a1ac6cc83aec6d408ba7ded
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e98b27d59723cdf19cb87b69322d9b4aa0c9a4eb3402cf8944ea94a3e082de3e
e9bcefdbe9f8eba53ed1a831dd4248a8bf2f4dd1c87796e8349939f374e54649
ea6b03f54820c7ce3aa1378f599c83a4a07fad0d58667c98c586af1119a186d0
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb9f8f519a5aadd1ebb7a08008349b92dc675c3069123ac195965cf558b43f82
ed3c5bf39d8a53722d045a9d7688bc17e6940df622fafcd0651baf6bac741636
ef189bf0e502073d3becc0c5f09692d014539f680f7326859d1a719f2a9b1b59
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17f72445932b16d39475b09b03d9baec8cebb7ad60ac74f3bbed56e3cdc7e46
f563642e7589abf892c5e8d0919e5dbd1d837509ed160f364d4cc7d18998dffe
f5aa038ccaccdac46ddec123ccab8c84adf244b0590b5bad805fa3042555b77b
f667549e0edbeb0bdaf577c95c81f62189d5d03d36f3d84f5281ce952921368b
f6956c081898cba209f04bf3a248390c30564a1042f500d1152ecb50429acbce
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f7392dcdfdd89a83d8bba4e754b7108fccb05ba4dfaea1d347fcb9e54c6efc5b
f7e4c1d15cae6cd00fdd42938303778d99c537958527d23d7a0c23f9547ae28f
fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328
fac02a96e87d9afaa0ccb933490c281386d6f3b3971e419c747fd6e1f5875e1f

gekka-no-kasumi.com Open in urlscan Pro 183.181.96.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

319 Requests

93 %HTTPS

60 %IPv6

21 Domains

32 Subdomains

28 IPs

5 Countries

19446 kBTransfer

24502 kBSize

17 Cookies

17 Outgoing links

Page URL History

Redirected requests

319 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gekka-no-kasumi.com Open in urlscan Pro
183.181.96.20 Public Scan

Screenshot
Live screenshot

Full Image

319
Requests

93 %
HTTPS

60 %
IPv6

21
Domains

32
Subdomains

28
IPs

5
Countries

19446 kB
Transfer

24502 kB
Size

17
Cookies

319 HTTP transactions
3 data transactions