cloudo3.com Open in urlscan Pro
2606:4700:3108::ac42:292e Public Scan

Software

sffe /

Resource Hash

2c786d88b5ba39b57548fd3e8520d014c80d73b30c87fc77f88f45e9c9e91e06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28731
x-xss-protection: 0
server: sffe
etag: "1308 / 474 of 1000 / last-modified: 1660860461"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 19 Aug 2022 07:58:18 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
57 KB 183ms
102ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cloudo3.com
URL: https://cloudo3.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

102644accb9cca8aa0fc21df28a605b81aab244ba7315ff97c5b2c085fa00c90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57547
x-xss-protection: 0
server: cafe
etag: 14015954177200709573
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Aug 2022 07:58:18 GMT

POST
H2 200 rum Show response
cloudo3.com/cdn-cgi/ 0
211 B 6ms
6ms XHR
text/plain 2606:4700:3108::ac42:292e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudo3.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:292e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://cloudo3.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
content-type: application/json

Response headers

date: Fri, 19 Aug 2022 07:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://cloudo3.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 73d157e4bf11345d-NRT
vary: Origin

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 80ms
3ms Script
text/javascript 2404:6800:4004:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-60267223-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6801
date: Fri, 19 Aug 2022 06:04:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 19 Aug 2022 08:04:57 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/ 342 KB
120 KB 83ms
82ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5539afe40c3680e6d2afdaebf6fbb07079d82d408ad462b42c50abb404f0b712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122960
x-xss-protection: 0
server: cafe
etag: 14297843151156546291
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Aug 2022 07:58:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220817/r20190131/ Frame E503 10 KB
5 KB 45ms
2ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220817/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 29540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 23:45:58 GMT
etag: 8616628553774171045
expires: Thu, 01 Sep 2022 23:45:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_2022081501.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
131 KB 3ms
2ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 06:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90415
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133600
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:36:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 18 Aug 2023 06:51:23 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 164 B
131 B 76ms
40ms XHR
application/json 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cloudo3.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

cafe /

Resource Hash

7971ead81afff0bdb54f7332b6671d7a47e04e0016edf644e77683c596e0720f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Aug 2022 07:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106
x-xss-protection: 0
expires: Fri, 19 Aug 2022 07:58:18 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 12ms
4ms Preflight
application/json 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcloudo3.com%2F&domain=cloudo3.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://cloudo3.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://cloudo3.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 19 Aug 2022 07:58:17 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 925
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 32ms
19ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220819

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4d1f5cd789186c23e27ea6b14357e0969043ee3bab2272306f75ad3fa5a42b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cloudo3.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 19 Aug 2022 07:58:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17837
x-jsd-version: 1.0.1436
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19127-FRA, cache-iad-kiad7000117-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66b-vX/KBvdmmoQKZ6VHxwlYkYtGIaI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7somd8EZ1hWvTVKsNOuYhQFSxItpHae9ffjTeIDQXY78kjWMKju67ciYNMnu3Cgm45XFcuV9%2FhOkba3zFkFkjNiqKy4mtkDbQhx0SdJ9a%2F0Zp29vLIQ5zuxYNXaVQrpDZws2mNTKWib828803pk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 73d157e689941ec8-NRT
access-control-expose-headers: *

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ 454 B
1 KB 994ms
246ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3002

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

ba9837aa1932c720f1b1ff324f107d7be33c836cebf7ca7d4aed71d9610f6d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://cloudo3.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://cloudo3.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8
transfer-encoding: chunked

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcloudo3.com%2F&domain=cloudo3.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=7icj1Xxta1VmNUhKYmtxejRIQ3l2Wkc1UmhlZW9OVjlRcVVsSFBVWXFaWU8zYk9wMFRQc2RJUEROZXdHbUZnOWx3dXBzQmtmakYxSWlDRS9qZ3BIdUpqWFkvWmdUMERna2NmTk1pVE1oUTMrUWdlRFVNc3kyL0laMFNHY0...

347 B
616 B

6ms
3ms

XHR
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=7icj1Xxta1VmNUhKYmtxejRIQ3l2Wkc1UmhlZW9OVjlRcVVsSFBVWXFaWU8zYk9wMFRQc2RJUEROZXdHbUZnOWx3dXBzQmtmakYxSWlDRS9qZ3BIdUpqWFkvWmdUMERna2NmTk1pVE1oUTMrUWdlRFVNc3kyL0laMFNHY0IxZkY4aHdKd3dVbWYvSW9Iandyb250bkViUUZSZ1dPb2tUTzk0UGw3NjJQbnU4OGJlMHJQeFNMMWtjVWxJSHhHVlJNUzlhRGczR0tmUlFIemlPRklKU0IzSWxodVRzUkM0M2lHazNXTjRiYUVhOUp0T3NBPXw&cppv=2

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

5e28bba7b42b03235fa78f55db424723e6a10b37cf72e4a95daf4ec1eb128137

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:18 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2156
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:18 GMT
location: https://mug.criteo.com/sid?cpp=7icj1Xxta1VmNUhKYmtxejRIQ3l2Wkc1UmhlZW9OVjlRcVVsSFBVWXFaWU8zYk9wMFRQc2RJUEROZXdHbUZnOWx3dXBzQmtmakYxSWlDRS9qZ3BIdUpqWFkvWmdUMERna2NmTk1pVE1oUTMrUWdlRFVNc3kyL0laMFNHY0IxZkY4aHdKd3dVbWYvSW9Iandyb250bkViUUZSZ1dPb2tUTzk0UGw3NjJQbnU4OGJlMHJQeFNMMWtjVWxJSHhHVlJNUzlhRGczR0tmUlFIemlPRklKU0IzSWxodVRzUkM0M2lHazNXTjRiYUVhOUp0T3NBPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cloudo3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1132
content-length: 482
expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 72ms
36ms XHR
text/plain 2404:6800:4004:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1796519609&t=pageview&_s=1&dl=https%3A%2F%2Fcloudo3.com%2F&ul=en-us&de=UTF-8&dt=CloudO3%E3%81%AE%E7%9F%A5%E8%AD%98%EF%BC%88%E5%9F%BA%E6%9C%AC%E3%81%8B%E3%82%89%E5%B0%82%E9%96%80%E5%AE%B6%E3%81%BE%E3%81%A7%EF%BC%89&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1595666911&gjid=1229330938&cid=2086077877.1660895899&tid=UA-60267223-1&_gid=1269251465.1660895899&_r=1&gtm=2ou8h0&z=491128745

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cloudo3.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cloudo3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 13ms
2ms Preflight
application/json 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 19 Aug 2022 07:58:18 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 871
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ 42 B
636 B 278ms
266ms XHR
application/json 2606:4700:20::681a:8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3002
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf

Request headers

Referer: https://cloudo3.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GMylqdfQsPbjCG6GI34KMLAIgGBGmMsXzUgbFkwQ4hRWQf%2By30%2FJv7besCJ5s5tS%2F%2FCIwQIMawmivRlFDFATI0jtXijt20VQKGmiwp3Bq2cR7InbHFjAAcAnpnuoiuzhAbV1QhbSJMUYXkW7E23gzn7Oen6"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cloudo3.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 73d157e6e8e03517-NRT
content-length: 42
expires: 0

POST auction
prebid-stag.setupad.net/openrtb2/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
709 B 236ms
79ms XHR
application/json 103.43.90.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3002

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.53 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 19 Aug 2022 07:58:18 GMT
X-Proxy-Origin: 217.138.252.171; 217.138.252.171; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c02a7298-c755-4ac8-a5e0-1c131baeac57
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://cloudo3.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST c
prebid.a-mo.net/a/ 0
0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 123ms
114ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3002
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cloudo3.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://cloudo3.com
date: Fri, 19 Aug 2022 07:58:17 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 838 B
4 KB 430ms
187ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=154926&zone_id=1940846%3B1940846%3B1923074%3B1904014%3B1904014%3B1904018&size_id=9%3B9%3B2%3B15%3B15%3B15&alt_size_ids=8%3B8%3B55%3B16%2C48%2C72%2C159%3B16%2C48%2C72%2C159%3B9%2C10%2C48&rp_schain=1.0,1!setupad.com,1765,1,,,&eid_criteo.com=2---7V9vMXlROFZvZVdER0ZNRVNvJTJCaE1oZXRuZlptdWl2bkxGeTRsVXdkVzA1bThzNUpXbG1MTGwyNTQ4dlNmOVJVd0lieCUyQmpvaE5UdXlVcUZXc1FVd29WVHclM0QlM0Q%5E1&rf=https%3A%2F%2Fcloudo3.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=d4c6f45d-1966-4532-aa4f-9ba590a9e059%3Bae7c88ba-5731-4f51-b42e-18f42c0cd836%3B5e44f46d-1978-430f-9b18-bb95063519c2%3B01420ffc-ca05-4f2f-9df1-49f070b3ecae%3Bc694b93d-58ad-438d-a2a7-bcb08cc73131%3Bf3b5d5ad-7fbd-48ce-b103-9513643768fd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=6&rand=0.301448886019285
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3002
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 08e67a1cd9af84ffd2e0fbeec7523f3769f7ab0d55e9db3c9bb0cddc4fb1139c

Request headers

Referer: https://cloudo3.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 19 Aug 2022 07:58:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://cloudo3.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 838
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
213 B 8ms
2ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=67430702908

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://cloudo3.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 19 Aug 2022 07:58:18 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://cloudo3.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST openrtb
adx.adform.net/adx/ 0
0

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 733ms
242ms Preflight 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cloudo3.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://cloudo3.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Fri, 19 Aug 2022 07:58:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
696 B 152ms
38ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=cloudo3.com&callback=_gfp_s_&client=ca-pub-9410576022838101&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

9d4c41cbc2009c072df5ba3c04160bc4b8af19b9f4329866c1f5fcacbf0f66b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 151ms
38ms Script
application/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=cloudo3.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Aug 2022 07:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 79ms
39ms Script
application/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cloudo3.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Aug 2022 07:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fcloudo3.com%2F&tn=DIV&cls=ads-fixed-left&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0D4A 18 KB
1 KB 156ms
118ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&adk=598614117&adf=4165008729&lmt=1660895898&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcloudo3.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898567&bpp=3&bdt=347&idt=175&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4742029716394&frm=20&pv=2&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=188

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4ad58a856bae5c9a044e7927e982fb94540498a8e7aade671885ece2aa7cac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 1192
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:18 GMT
expires: Fri, 19 Aug 2022 07:58:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 88ms
53ms XHR
application/json 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220817&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

700ad880f1ae0f226ac3d5f4370e0e64201ca3bf3e98274ac06a64eeb8206e20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Aug 2022 07:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11130
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 63AA 66 KB
31 KB 688ms
660ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=250&slotname=1864107826&adk=2093552902&adf=1570358783&pi=t.ma~as.1864107826&w=300&lmt=1660895898&psa=0&format=300x250&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898570&bpp=1&bdt=349&idt=191&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lOIpyMi9bI&p=https%3A//cloudo3.com&dtd=196

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b0dfd0af286d93bea9a328c4177ea2a850fcfb5f949c0c1bc4dd336be748173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31679
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:19 GMT
expires: Fri, 19 Aug 2022 07:58:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2FE4 95 KB
33 KB 616ms
594ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=600&slotname=2724348643&adk=3814604248&adf=2079292310&pi=t.ma~as.2724348643&w=300&lmt=1660895898&psa=0&format=300x600&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898571&bpp=1&bdt=351&idt=198&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DHQYzveDVk&p=https%3A//cloudo3.com&dtd=201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16a88f8f34d0f2500ef001d2d3e7bccd66b4b5936d115244839d27401e746f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33649
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:19 GMT
expires: Fri, 19 Aug 2022 07:58:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E044 90 KB
33 KB 397ms
378ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=250&slotname=4769548741&adk=3317836737&adf=253653205&pi=t.ma~as.4769548741&w=300&lmt=1660895898&psa=0&format=300x250&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898572&bpp=1&bdt=352&idt=202&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x600&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=1392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=iQxhSVekQf&p=https%3A//cloudo3.com&dtd=204

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b2e409fff99d8a8aedbfdad43cc7412c8dd6aa2d004becd1b6a1cd84dfd71f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33251
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:19 GMT
expires: Fri, 19 Aug 2022 07:58:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E77A 94 KB
33 KB 383ms
369ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=600&slotname=2829553174&adk=487262234&adf=1790276170&pi=t.ma~as.2829553174&w=300&lmt=1660895898&psa=0&format=300x600&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898572&bpp=1&bdt=352&idt=206&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x600%2C300x250&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=1659&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=qn5t9CltmR&p=https%3A//cloudo3.com&dtd=208

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37e219b74d05a06a5df9db46ff4a0eaa9909df216809ed731598f037a38179c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33284
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:19 GMT
expires: Fri, 19 Aug 2022 07:58:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 193ms
107ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 07:58:19 GMT

GET
H2 200 ca-pub-9410576022838101 Show response
fundingchoicesmessages.google.com/i/ 104 KB
37 KB 203ms
85ms Script
application/javascript 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9410576022838101?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7285957a5ad20ddb74a5825481c787a320b977bb90c03dae2db8a5d3b3635596

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XQCbujIhydJvEJqKtVExGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-XQCbujIhydJvEJqKtVExGA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-XQCbujIhydJvEJqKtVExGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-XQCbujIhydJvEJqKtVExGA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 44D9 13 KB
5 KB 53ms
3ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 90040
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 06:57:39 GMT
expires: Fri, 18 Aug 2023 06:57:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4570 783 B
1 KB 90ms
41ms Document
text/html 2404:6800:4004:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0d7e44ae7f1bf40c462b6a948d5044024a26f394cce2e3dca6aaccf62b9ad469

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P7WSawuvYCOxczyX4a-S-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cloudo3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-P7WSawuvYCOxczyX4a-S-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:19 GMT
expires: Fri, 19 Aug 2022 07:58:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 g_pbto
1x1.a-mo.net/hbx/ 0
89 B 537ms
178ms Image
text/plain 100.25.50.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1660895899113&eid=705fecbe54f2418
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.50.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-50-170.compute-1.amazonaws.com
Software: MonetEngine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
cache-control: max-age=0, private, must-revalidate
server: MonetEngine

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 20ms
8ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/3002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 Aug 2022 07:58:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4570 0
0 37ms
37ms Image
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220817&jk=489572298070784&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 44D9 36 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 06:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Aug 2023 06:58:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E77A 846 B
1 KB 82ms
40ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E7%94%A8%E3%83%A3%E3%83%9AI%E3%82%8BP%E3%82%AF%E3%83%81%E4%B8%8A%E9%A1%8D%EF%BC%88%E3%83%B3%E3%81%AE%E3%82%92%E3%82%A4%E3%82%AD%E9%99%90%E4%B8%87%EF%BC%81%E5%86%86%E5%88%A99%E3%82%B9%E5%85%A8%E3%81%8F%E9%96%8B%E3%82%B7Q%E3%81%A8a%E3%81%A4%E6%97%A5%E3%83%90%EF%BC%89%E3%80%81%E3%81%AB%E3%81%99C1yU%E3%83%A5%E3%83%83

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=600&slotname=2829553174&adk=487262234&adf=1790276170&pi=t.ma~as.2829553174&w=300&lmt=1660895898&psa=0&format=300x600&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898572&bpp=1&bdt=352&idt=206&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x600%2C300x250&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=1659&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=qn5t9CltmR&p=https%3A//cloudo3.com&dtd=208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

217ede427b8c2e24c3cdd65ff68306bc1f9b82a46a84f1255cef14fe7d9b1a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 07:58:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Aug 2022 07:58:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Aug 2022 07:58:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E77A 4 KB
887 B 107ms
65ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ea2171f1cfa3fba1737d38126a0f074577b73ff01493fcf8a9d4e362bb2a232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 06:39:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Aug 2022 07:58:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Aug 2022 07:58:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame E77A 2 KB
902 B 4ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:57:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame E77A 23 KB
9 KB 4ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:53:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame E77A 3 KB
1 KB 4ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:56:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E77A 140 KB
44 KB 149ms
71ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 07:58:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame E77A 17 KB
7 KB 4ms
4ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:55:08 GMT

GET
H2 200 16838d5bcb4c763c91f5404f5ca97705.js Show response
www.gstatic.com/mysidia/ Frame E77A 33 KB
13 KB 40ms
5ms Script
text/javascript 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 03:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13605
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 13:11:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 03:50:20 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 82ms
41ms Script
application/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=cloudo3.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Aug 2022 07:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 76ms
36ms Script
application/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cloudo3.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Aug 2022 07:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 76AF 114 KB
43 KB 364ms
363ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de61a1700b5b2a29dee63aff589c78605feb6d2f86f52b30045bc1e94f7adbd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 44274
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:19 GMT
expires: Fri, 19 Aug 2022 07:58:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D0C9 114 KB
43 KB 346ms
345ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1863253611&pi=t.aa~a.3465925704~rp.4&w=750&lmt=1660895899&nsk=1139cffa&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=728&idt=1&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600%2C750x175&nras=3&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=2oKU4usWxc&p=https%3A//cloudo3.com&dtd=283

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_fy2021.js?bust=31069050

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ceebc56b1e7a5996bf57cc6bf7c15831f70993f02dbc3b93b015a83e3fe6036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 44437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:19 GMT
expires: Fri, 19 Aug 2022 07:58:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxXfbkE7s11l02Iz-Pp8osgRoApqXlhHrwwjqjVUkKptrwMBGT0PoORYicmNbrzttwbZyeKoiSSEp2wtJ0UbPAs= Show response
fundingchoicesmessages.google.com/f/ 6 KB
3 KB 132ms
96ms Script
application/javascript 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXfbkE7s11l02Iz-Pp8osgRoApqXlhHrwwjqjVUkKptrwMBGT0PoORYicmNbrzttwbZyeKoiSSEp2wtJ0UbPAs=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYwODk1ODk5LDIzNjAwMDAwMF0sIkU2QzhGOUY2LTlEMTctNDQ5NC04MkQyLTcyNDQ0QTJBRjhBNiIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly9jbG91ZG8zLmNvbS8iLG51bGwsW11d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.vfd6Vocleqg.es5.O/d=1/rs=AJlcJMzo69BORPiAI7caEX6N0-cULW8u8A/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

57be0614b51190d8f59e6e23ad4ea9caf70c2c3156fda95ff5f2b35e754f7b24

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-TJZtOcdsSl0kmbWcBg_sjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-TJZtOcdsSl0kmbWcBg_sjA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-TJZtOcdsSl0kmbWcBg_sjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-TJZtOcdsSl0kmbWcBg_sjA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 168 KB
46 KB 757ms
756ms XHR
text/plain 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=489572298070784&correlator=445478709237301&eid=31069001%2C21065724&output=ldjh&gdfp_req=1&vrg=2022081501&ptt=17&impl=fifs&us_privacy=1---&iu_parts=147246189%3A22663619828%2Ccloudo3.com_160x600_sticky_left%2Ccloudo3.com_160x600_sticky_right%2Ccloudo3.com_300x250_sidebar_1%2Ccloudo3.com_565x336_in_article_desktop_1%2Ccloudo3.com_565x336_in_article_desktop_2%2Ccloudo3.com_1000x100_desktop_anchor%2Ccloudo3.com_300x600_sidebar_desktop_1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=160x600%7C120x600%2C160x600%7C120x600%2C300x250%7C250x250%7C300x200%2C300x250%7C336x336%7C336x320%7C320x320%7C300x300%7C336x280%7C320x250%2C300x250%7C336x336%7C336x320%7C320x320%7C300x300%7C336x280%7C320x250%2C1000x100%7C970x90%7C728x90%7C990x90%7C970x50%7C960x90%7C950x90%7C980x90%7C728x93%2C300x600%7C160x600%7C300x250%7C300x300&ifi=8&adks=3467143027%2C2758468839%2C921613496%2C1124754979%2C2124773696%2C2408872552%2C3806372011&sfv=1-0-38&fsapi=false&eri=1&cust_params=origin%3Ddirect%26ECT%3D4g%26hb_rf%3D0&sc=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&abxe=1&dt=1660895899249&lmt=1660895899&dlt=1660895898220&idt=399&adxs=1440%2C0%2C1034%2C-9%2C-9%2C0%2C-9&adys=0%2C0%2C2276%2C-9%2C-9%2C7011%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C-1%7C-1%7C2%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcloudo3.com%2F&frm=20&vis=1&psz=160x-1%7C160x-1%7C300x-1%7C0x-1%7C0x-1%7C1600x7011%7C0x-1&msz=160x-1%7C160x-1%7C300x-1%7C0x-1%7C0x-1%7C1600x0%7C0x-1&fws=516%2C516%2C4%2C2%2C2%2C4%2C2&ohw=1600%2C1600%2C1080%2C0%2C0%2C1600%2C0&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=true&cbidsp=CsoBCAESFAoLcHVibWF0aWNTMlMQlgEgAzgCEhIKCWFkZm9ybVMyUxCWASADOAISEwoKcnViaWNvblMyUxCWASADOAISDwoIYXBwbmV4dXMQhgIgAhIKCgNhbXgQkAMgAxIOCghwdWJtYXRpYxB-IAISDgoHcnViaWNvbhCQAyADEgwKBmNyaXRlbxAKIAISDQoGYWRmb3JtEJADIAMYAiIkZDRjNmY0NWQtMTk2Ni00NTMyLWFhNGYtOWJhNTkwYTllMDU5KgIIA0CWAQ..~CsoBCAESFAoLcHVibWF0aWNTMlMQlgEgAzgCEhIKCWFkZm9ybVMyUxCWASADOAISEwoKcnViaWNvblMyUxCWASADOAISDwoIYXBwbmV4dXMQhwIgAhIKCgNhbXgQkAMgAxIOCghwdWJtYXRpYxB-IAISDgoHcnViaWNvbhCQAyADEgwKBmNyaXRlbxAKIAISDQoGYWRmb3JtEJADIAMYAiIkYWU3Yzg4YmEtNTczMS00ZjUxLWI0MmUtMThmNDJjMGNkODM2KgIIA0CWAQ..~~CsoBCAESFAoLcHVibWF0aWNTMlMQlgEgAzgCEhIKCWFkZm9ybVMyUxCWASADOAISEwoKcnViaWNvblMyUxCWASADOAISDwoIYXBwbmV4dXMQhwIgAhIKCgNhbXgQkAMgAxIOCghwdWJtYXRpYxB-IAISDgoHcnViaWNvbhCQAyADEgwKBmNyaXRlbxAKIAISDQoGYWRmb3JtEJADIAMYAiIkMDE0MjBmZmMtY2EwNS00ZjJmLTlkZjEtNDlmMDcwYjNlY2FlKgIIA0CWAQ..~CsoBCAESFAoLcHVibWF0aWNTMlMQlgEgAzgCEhIKCWFkZm9ybVMyUxCWASADOAISEwoKcnViaWNvblMyUxCWASADOAISDwoIYXBwbmV4dXMQhwIgAhIKCgNhbXgQkAMgAxIOCghwdWJtYXRpYxB-IAISDgoHcnViaWNvbhCQAyADEgwKBmNyaXRlbxAKIAISDQoGYWRmb3JtEJADIAMYAiIkYzY5NGI5M2QtNThhZC00MzhkLWEyYTctYmNiMDhjYzczMTMxKgIIA0CWAQ..~CsoBCAESFAoLcHVibWF0aWNTMlMQlgEgAzgCEhIKCWFkZm9ybVMyUxCWASADOAISEwoKcnViaWNvblMyUxCWASADOAISDwoIYXBwbmV4dXMQhwIgAhIKCgNhbXgQkAMgAxIOCghwdWJtYXRpYxB-IAISDgoHcnViaWNvbhCQAyADEgwKBmNyaXRlbxAKIAISDQoGYWRmb3JtEJADIAMYAiIkNWU0NGY0NmQtMTk3OC00MzBmLTliMTgtYmI5NTA2MzUxOWMyKgIIA0CWAQ..~CsoBCAESFAoLcHVibWF0aWNTMlMQlgEgAzgCEhIKCWFkZm9ybVMyUxCWASADOAISEwoKcnViaWNvblMyUxCWASADOAISDwoIYXBwbmV4dXMQhwIgAhIKCgNhbXgQkAMgAxIOCghwdWJtYXRpYxB-IAISDgoHcnViaWNvbhCQAyADEgwKBmNyaXRlbxAKIAISDQoGYWRmb3JtEJADIAMYAiIkZjNiNWQ1YWQtN2ZiZC00OGNlLWIxMDMtOTUxMzY0Mzc2OGZkKgIIA0CWAQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7608cc1b6aa5e5a7f14710c10db13e53b315008b40d587d2b66bae11acd7030

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47545
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,342103949,342103949,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,138303019295,138303019271,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cloudo3.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 005C 6 KB
0 4702ms
4496ms Document
text/html 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:23 GMT
expires: Sat, 19 Aug 2023 07:58:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 11ba241b9597ec96a8a9e01db4cce1e1.js Show response
www.gstatic.com/mysidia/ Frame E044 10 KB
5 KB 46ms
3ms Script
text/javascript 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/11ba241b9597ec96a8a9e01db4cce1e1.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=250&slotname=4769548741&adk=3317836737&adf=253653205&pi=t.ma~as.4769548741&w=300&lmt=1660895898&psa=0&format=300x250&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898572&bpp=1&bdt=352&idt=202&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x600&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=1392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=iQxhSVekQf&p=https%3A//cloudo3.com&dtd=204

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75626d2a6383bfdad3b92c86ae0623790fbe692e880b315cd06bfaa1d249f9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 03:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4562
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 22:27:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 03:59:33 GMT

GET
H2 200 ad1e77f2adaf6dc245cda5bd79718102.js Show response
www.gstatic.com/mysidia/ Frame E044 10 KB
4 KB 47ms
4ms Script
text/javascript 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ad1e77f2adaf6dc245cda5bd79718102.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9ce5cb30d6a1aaf5d54a05a124f39a12a44baf67fdb8a5b6415f73d57456058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 03:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4487
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 22:27:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 03:59:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E044 846 B
647 B 46ms
46ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%B3CUy%E3%82%AD%E3%82%A4%E3%82%92%E3%81%AE%E4%B8%8A1%E3%83%A3%E3%83%9A%E3%83%81%E3%82%AF%E7%94%A8%E3%82%8B%E3%82%B9Q%EF%BC%89%E3%81%8Fa%E5%88%A9%E6%97%A5%E3%81%A4%E9%96%8B%E3%83%90%E5%85%A8%E3%82%B7%EF%BC%819%E3%81%A8P%EF%BC%88%E9%A1%8D%E3%83%A5%E4%B8%87%E3%83%83I%E5%86%86%E3%80%81%E9%99%90%E3%81%AB%E3%81%99

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

217ede427b8c2e24c3cdd65ff68306bc1f9b82a46a84f1255cef14fe7d9b1a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 07:58:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Aug 2022 07:58:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Aug 2022 07:58:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E044 4 KB
887 B 50ms
48ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ea2171f1cfa3fba1737d38126a0f074577b73ff01493fcf8a9d4e362bb2a232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 06:46:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Aug 2022 07:58:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Aug 2022 07:58:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame E044 2 KB
902 B 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:57:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame E044 23 KB
9 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:53:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame E044 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:56:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E044 140 KB
43 KB 155ms
146ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 07:58:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame E044 17 KB
7 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:55:08 GMT

GET
H3 200 16838d5bcb4c763c91f5404f5ca97705.js Show response
www.gstatic.com/mysidia/ Frame E044 33 KB
13 KB 43ms
3ms Script
text/javascript 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 03:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13605
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 13:11:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 03:50:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E77A 0
0 46ms
45ms Fetch
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9BcGmkL_YoXHMqSjigaJ-LvID_j_4tpr-KT3iekPyMzVvvMREAEg5oPkH2CJ88WE9BOgAav59qgoyAEJqQJWAihO9oE_PqgDAcgDywSqBNcBT9AgUolDfOZu-nxYPA7ShZgaMWuCj9BEDhTm8vFKNGLjPv5_K6UlPYvWcgzt9ghlDfOPPkgWWZ3LXA5jFD3UuENSdSzJ-XeDxGA-li9juIBx1hP1-elkBaLtih4OQr8yxC1gV7_9Fhwkjxp15HzY-z5sNHVZvUYJmSOP_b6INynH-jADpFU8qygmj6nVOnYjPLdIB2-fbvNG2XUqrg3WZzJ0_zbJ9qWy-_5wzcSF396EOsAjN6VdDqbd2E97onwDKViISkazAR22WuthpsA4MZwTVhYJf8rABMjrvNSDBKAGLoAHq7HHiAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxCQNdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTA9AVAYAXAbIXHAoaCAASFHB1Yi05NDEwNTc2MDIyODM4MTAxGAA&sigh=45PxZyOmE48&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=600&slotname=2829553174&adk=487262234&adf=1790276170&pi=t.ma~as.2829553174&w=300&lmt=1660895898&psa=0&format=300x600&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898572&bpp=1&bdt=352&idt=206&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x600%2C300x250&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=1659&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=qn5t9CltmR&p=https%3A//cloudo3.com&dtd=208
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 19 Aug 2022 07:58:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 19 Aug 2022 07:58:19 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 68C7 15 KB
6 KB 4ms
4ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=cloudo3.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

c9eb532dc2b32d205f9f84a31f04a3c735842b7de6f77a2cf86bcd19cae2fc2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://cloudo3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6146
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:18 GMT
server-processing-duration-in-ticks: 1643
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 10ms
4ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 07:20:45 GMT
server: nginx
etag: W/"62fb454d-15cfe"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 Aug 2022 07:58:19 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5483706532762628697/ Frame E77A 14 KB
14 KB 3ms
3ms Image
image/jpeg 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5483706532762628697/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82dc9e84dc005b4951ddb1142b2eaaf081522823852beadf8f7828275e807649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:03:45 GMT
x-content-type-options: nosniff
age: 147274
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14491
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 03:54:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Aug 2023 15:03:45 GMT

GET
DATA 200
OK truncated
/ Frame E77A 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E77A 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

sid Show response
mug.criteo.com/ Frame 68C7
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=cloudo3.com&sn=ChromeSyncframe&so=3&topUrl=cloudo3.com&bundle=2kaK2l9ma25TWFF1V2hlQU9ZT1hHOEZTVzlxJTJCTXljanlYQ0U0cyUyRjVhJTJCYmRZWkFLeGdZ...
https://mug.criteo.com/sid?cpp=zjp0KHxFek5kSjZGZ3NLTFN2YmZVZkE1djB0d255aHRHYnRrU0IvbGlEQXZub1QvbndoQVcwL1c3SjdRV0dlUVlwTmRIcXAxRUxidk1IN2owL1RtT1ZSODl3NWExeC90OWJjUHhGTHVIRGkwOVlmeitKMWFQMDB6dTh4aV...

419 B
623 B

4ms
4ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=zjp0KHxFek5kSjZGZ3NLTFN2YmZVZkE1djB0d255aHRHYnRrU0IvbGlEQXZub1QvbndoQVcwL1c3SjdRV0dlUVlwTmRIcXAxRUxidk1IN2owL1RtT1ZSODl3NWExeC90OWJjUHhGTHVIRGkwOVlmeitKMWFQMDB6dTh4aVRTZkN5WkN0d2FIcGdxK3VuQVc2VEt2VXpEdi8zbzROVkViU2NzOTAxTTVBS2xGNnc1YVFKK2xNc2JJMG5TeTlMc1QvNzdXV1JOWTRVVWg4bGVKN0szYkFnOHdmTTIwYmNUd1lLaFN4T1RJeXZkUlZaTlQvdTZ2TnhHR1h6Ujloay9EYkhaMldBK09IUHdlT1R6RlJFZUpSMkRRNXJXRjh6Mm5uVjMwNUx1K29zcGNGaVJZND18&cppv=2

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

9165189d0e2c9104a19d2521e9606b66f86a7a1b44ca17194914de728731732c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:18 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4091
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:19 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=zjp0KHxFek5kSjZGZ3NLTFN2YmZVZkE1djB0d255aHRHYnRrU0IvbGlEQXZub1QvbndoQVcwL1c3SjdRV0dlUVlwTmRIcXAxRUxidk1IN2owL1RtT1ZSODl3NWExeC90OWJjUHhGTHVIRGkwOVlmeitKMWFQMDB6dTh4aVRTZkN5WkN0d2FIcGdxK3VuQVc2VEt2VXpEdi8zbzROVkViU2NzOTAxTTVBS2xGNnc1YVFKK2xNc2JJMG5TeTlMc1QvNzdXV1JOWTRVVWg4bGVKN0szYkFnOHdmTTIwYmNUd1lLaFN4T1RJeXZkUlZaTlQvdTZ2TnhHR1h6Ujloay9EYkhaMldBK09IUHdlT1R6RlJFZUpSMkRRNXJXRjh6Mm5uVjMwNUx1K29zcGNGaVJZND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1345
content-length: 567
expires: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E044 0
0 47ms
46ms Fetch
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeWAjmkL_Yv_QMom5gQPQ0pWQD_j_4tproKX3iekPyMzVvvMREAEg5oPkH2CJ88WE9BOgAav59qgoyAEBqQKl9bWnEYk_PqgDAcgDywSqBN0BT9DQoPKH7DDJr6NBRWYp-SDoGIz6XLjd8yN5Lptfv_e-zYq9wbRAVGTwqcvMXDht2-ovJGKpV9tVwkeJk1lQrNPOSs8aRssD2gniOkU6uI1Lt0F9Ma2jpJy5eayzrnpQNqva3NMBAUNxsfEm8JlUGUpKewWk6v0ZQxtTk8LpzgYhwAbOcbPA74RDwoN_njqjE5F95traVwEqA0ubWue4fo52i4nI4qyiCBxMjmAleB-vR_olPztTiGqLhptnIPV00cRHB57ZGODSBGU5W8lU9PH12wrvA7VvYcjJmXfABMjrvNSDBIAHq7HHiAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDGpALSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwPQFQGAFwGyFxwKGggAEhRwdWItOTQxMDU3NjAyMjgzODEwMRgA&sigh=OcYQg2crAdA&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=250&slotname=4769548741&adk=3317836737&adf=253653205&pi=t.ma~as.4769548741&w=300&lmt=1660895898&psa=0&format=300x250&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898572&bpp=1&bdt=352&idt=202&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x600&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=1392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=iQxhSVekQf&p=https%3A//cloudo3.com&dtd=204
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 19 Aug 2022 07:58:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D036 143 B
163 B 2ms
2ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=250&slotname=4769548741&adk=3317836737&adf=253653205&pi=t.ma~as.4769548741&w=300&lmt=1660895898&psa=0&format=300x250&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898572&bpp=1&bdt=352&idt=202&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x600&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=1392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=iQxhSVekQf&p=https%3A//cloudo3.com&dtd=204
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 19 Aug 2022 07:27:44 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 44D9 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dAJEIA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 5821.js Show response
go.trvdp.com/init/ 6 KB
6 KB 20ms
3ms Script
binary/octet-stream 13.249.167.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/5821.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1377/5821.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.167.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-167-4.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 842e57eba2dc1de32bfc15f51eacf00655037501344fb89d6c3e77bd612ffeee

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 01 May 2022 17:06:31 GMT
via: 1.1 2402083883f8d7e887ab58fb56e109ac.cloudfront.net (CloudFront)
last-modified: Sun, 01 May 2022 12:05:54 GMT
server: AmazonS3
age: 9471109
etag: "c3cce75780a172aaa5a963648804058c"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
x-amz-cf-pop: NRT12-C3
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: KimouqVNM2BPxE8eBK89dCXqDqdtOCI5vRWlW6SSo5QkGNLFNdIUbg==

POST
H3 204 AGSKWxWtYo0v0hf6CF55E7hF_a1dMPGK4x2dccII2fAYdd-08sywYXczGascrpKq4I_TkySBfFhsljaub9hm0h2vcdpnk9HYn82G6IdVMaWltIn8yuexuVt2gQq1TKn3eHdQKFgLYcKv_w== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 95ms
55ms XHR
text/html 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWtYo0v0hf6CF55E7hF_a1dMPGK4x2dccII2fAYdd-08sywYXczGascrpKq4I_TkySBfFhsljaub9hm0h2vcdpnk9HYn82G6IdVMaWltIn8yuexuVt2gQq1TKn3eHdQKFgLYcKv_w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fHwQrdqzbamUFGkgN7OR_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-fHwQrdqzbamUFGkgN7OR_g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://cloudo3.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fHwQrdqzbamUFGkgN7OR_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-fHwQrdqzbamUFGkgN7OR_g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVmQCe-ecO1cxaeNaG_lLjPW2OlJyhuwFrSqFROPeG3hV36CGGrmjK2ZdOgQDeu8QpavP5BgO6W6Vh1Y87NOSQO7PL8H1Ke41csoCThl2IYlwxpOwfxmWHSre1kWGvSjSrrhdIScA== Show response
fundingchoicesmessages.google.com/f/ 17 KB
7 KB 112ms
112ms Script
application/javascript 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVmQCe-ecO1cxaeNaG_lLjPW2OlJyhuwFrSqFROPeG3hV36CGGrmjK2ZdOgQDeu8QpavP5BgO6W6Vh1Y87NOSQO7PL8H1Ke41csoCThl2IYlwxpOwfxmWHSre1kWGvSjSrrhdIScA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYwODk1ODk5LDQ2MDAwMDAwMF0sIkU2QzhGOUY2LTlEMTctNDQ5NC04MkQyLTcyNDQ0QTJBRjhBNiIsbnVsbCxudWxsLFtudWxsLFs3LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMSwxXSwiaHR0cHM6Ly9jbG91ZG8zLmNvbS8iLG51bGwsW11d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35704aae3dfe8c38cbe6e1cf403d7f79b4d5effc6031128337337d79b5b7afa5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-bDDaHzH_p1xyyDmgQtum9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-bDDaHzH_p1xyyDmgQtum9w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-bDDaHzH_p1xyyDmgQtum9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-bDDaHzH_p1xyyDmgQtum9w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
date: Fri, 19 Aug 2022 07:58:19 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2FE4 1 KB
745 B 77ms
39ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%82%8B%E5%8F%B2%E3%83%88%E5%BF%85%E3%81%95%E3%81%A7%E3%81%AE%E3%82%92%E3%80%8D%E6%9C%9D%E3%82%A4%E8%A6%81%E9%96%80%E6%9C%AC%E7%B9%B0%E3%80%82%E4%BA%89%E3%81%86%E3%81%AA%E7%A5%9E%E4%BB%A3%E8%91%89%E3%81%84%E5%8A%9F%E3%81%A8%E9%81%8E%E3%82%81%E5%AD%A6%E8%AA%9E%E8%BF%94%E3%81%AF%E3%81%B6%E5%A4%A7%E8%81%9E%E6%8E%88%E3%81%AB%E8%BF%91%E3%82%B8%E3%81%8C%E3%82%BF%E6%88%A6%E3%81%93%E6%96%B0%E7%BF%92%E3%81%A1%E5%8D%83%E3%81%9F%E3%82%8A%E6%95%99%E3%83%87%E3%83%AB%E8%A6%8B%E6%97%A5%E3%80%8C%E3%82%B5%E5%B0%82%E9%AB%84%E3%80%81%E9%99%A2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=600&slotname=2724348643&adk=3814604248&adf=2079292310&pi=t.ma~as.2724348643&w=300&lmt=1660895898&psa=0&format=300x600&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898571&bpp=1&bdt=351&idt=198&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DHQYzveDVk&p=https%3A//cloudo3.com&dtd=201

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

56ed754df5fedb2849c86621adf8633a3fed5349b36d117d38d9b2e81ee64f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 07:58:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Aug 2022 07:58:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Aug 2022 07:58:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 2FE4 2 KB
902 B 3ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=600&slotname=2724348643&adk=3814604248&adf=2079292310&pi=t.ma~as.2724348643&w=300&lmt=1660895898&psa=0&format=300x600&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898571&bpp=1&bdt=351&idt=198&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DHQYzveDVk&p=https%3A//cloudo3.com&dtd=201

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:57:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 2FE4 23 KB
9 KB 4ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=600&slotname=2724348643&adk=3814604248&adf=2079292310&pi=t.ma~as.2724348643&w=300&lmt=1660895898&psa=0&format=300x600&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898571&bpp=1&bdt=351&idt=198&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DHQYzveDVk&p=https%3A//cloudo3.com&dtd=201

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:53:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 2FE4 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=600&slotname=2724348643&adk=3814604248&adf=2079292310&pi=t.ma~as.2724348643&w=300&lmt=1660895898&psa=0&format=300x600&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898571&bpp=1&bdt=351&idt=198&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DHQYzveDVk&p=https%3A//cloudo3.com&dtd=201

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:56:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2FE4 140 KB
43 KB 111ms
73ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=600&slotname=2724348643&adk=3814604248&adf=2079292310&pi=t.ma~as.2724348643&w=300&lmt=1660895898&psa=0&format=300x600&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898571&bpp=1&bdt=351&idt=198&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DHQYzveDVk&p=https%3A//cloudo3.com&dtd=201

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 07:58:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 2FE4 17 KB
7 KB 4ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=600&slotname=2724348643&adk=3814604248&adf=2079292310&pi=t.ma~as.2724348643&w=300&lmt=1660895898&psa=0&format=300x600&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898571&bpp=1&bdt=351&idt=198&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DHQYzveDVk&p=https%3A//cloudo3.com&dtd=201

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:55:08 GMT

GET
H3 200 16838d5bcb4c763c91f5404f5ca97705.js Show response
www.gstatic.com/mysidia/ Frame 2FE4 33 KB
13 KB 4ms
4ms Script
text/javascript 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=600&slotname=2724348643&adk=3814604248&adf=2079292310&pi=t.ma~as.2724348643&w=300&lmt=1660895898&psa=0&format=300x600&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898571&bpp=1&bdt=351&idt=198&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DHQYzveDVk&p=https%3A//cloudo3.com&dtd=201

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 03:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13605
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 13:11:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 03:50:20 GMT

GET
DATA 200
OK truncated
/ Frame E77A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30c9299ad647befb611d66488cc9af62517098957e33bdcfef3a37fbc2f6e874

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2FE4 0
0 56ms
56ms Fetch
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpCcnmkL_YtbZMtKHgQOuyIK4BoLMj65rgpOvqNMPrgIQASDmg-QfYInzxYT0E6ABtNWE9gLIAQmpAlYCKE72gT8-qAMByAPLBKoE3gFP0Cv7a-KYrf5OCGeyf_fNO-dAlyxrpsRrDillMTmE__U5lXh94yCEr5U2syAT5MNQaquLthrqLiy4uArimkz1nlM7XlbNVKIksRWozqv5hIk-Z6yu6DDq9TiQLCtSbHEMYuVJVZz5z2DHjl1JA32g96eqcUJ2W6v70xIY_ltNZeQRGuXCgyA6twzYUtDOZRXiiDu8ernAJ_MjdSu9jyNZhx4x2W0wtgu57_QarJdjI-IrDKBNB9V6Pi24mgX0FafNCsEeQhWFxW9W_QIF33nJ_E0WINeowUB3RWphesLABMenpO-DBKAGLoAHtKr7iQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDd5wrSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwPQFQGAFwGyFxwKGggAEhRwdWItOTQxMDU3NjAyMjgzODEwMRgA&sigh=rZhnsvCPQGQ&uach_m=[UACH]&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=600&slotname=2724348643&adk=3814604248&adf=2079292310&pi=t.ma~as.2724348643&w=300&lmt=1660895898&psa=0&format=300x600&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898571&bpp=1&bdt=351&idt=198&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DHQYzveDVk&p=https%3A//cloudo3.com&dtd=201

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=600&slotname=2724348643&adk=3814604248&adf=2079292310&pi=t.ma~as.2724348643&w=300&lmt=1660895898&psa=0&format=300x600&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898571&bpp=1&bdt=351&idt=198&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DHQYzveDVk&p=https%3A//cloudo3.com&dtd=201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 19 Aug 2022 07:58:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13558493953277338/ Frame 2FE4 21 KB
21 KB 5ms
3ms Image
image/jpeg 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13558493953277338/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=600&slotname=2724348643&adk=3814604248&adf=2079292310&pi=t.ma~as.2724348643&w=300&lmt=1660895898&psa=0&format=300x600&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898571&bpp=1&bdt=351&idt=198&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DHQYzveDVk&p=https%3A//cloudo3.com&dtd=201

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d87a0deefac935d38c437a68385a4021936343104935d89f85ab29ce5ae37d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 13:12:05 GMT
x-content-type-options: nosniff
age: 585974
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21758
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 02:55:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Aug 2023 13:12:05 GMT

GET
DATA 200
OK truncated
/ Frame 2FE4 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2FE4 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 font
fonts.gstatic.com/l/ Frame E77A 15 KB
16 KB 46ms
3ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQMisq12X5htssV5Awns6Tr1e_OSMW7l3n1UTMub-Rxo_PWZihYiLtp1znF77qoTrp-3BBxagqPB4wIlJFgMMQ2KahQpAhk7h57jrN4Xll9fR__Q7MuP4Ipo8E-Z5pYyZTMcF_qdpO9L7xLH0ghmlAdTdnm9MCvatLFdXKkNJWfLujU90WuZVqs3ViMkYyAj6IgmZVl91anITL-W-45YDWB0_gCA&skey=fbc48de1c6e1b00c&v=v42

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E7%94%A8%E3%83%A3%E3%83%9AI%E3%82%8BP%E3%82%AF%E3%83%81%E4%B8%8A%E9%A1%8D%EF%BC%88%E3%83%B3%E3%81%AE%E3%82%92%E3%82%A4%E3%82%AD%E9%99%90%E4%B8%87%EF%BC%81%E5%86%86%E5%88%A99%E3%82%B9%E5%85%A8%E3%81%8F%E9%96%8B%E3%82%B7Q%E3%81%A8a%E3%81%A4%E6%97%A5%E3%83%90%EF%BC%89%E3%80%81%E3%81%AB%E3%81%99C1yU%E3%83%A5%E3%83%83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

368fde44b967f88bd2797fc4d56008859919638309a1642714ab9cbabd1338a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:03:37 GMT
x-content-type-options: nosniff
age: 60882
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15608
x-xss-protection: 0
last-modified: Tue, 10 May 2022 14:49:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 18 Aug 2022 15:03:37 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame E77A 15 KB
15 KB 47ms
6ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqW02ZcxKNFRYwBtnhyV1e-NyMW8V3n3ETMur-R-I_PWJihbyLtplznFb7qpDrq3nBB3KgqNx4wIVJFvsMQ0aahQZAhkrh58TrN5nll-vR__A7Mu_4JnY8E-p5pYiZTPcF_ttpO9b7xJX0gh2lAdjdnotMCu6tLA9LxpNJWcbqecd0Vl5VknHZ9PkcxDzCKoWZajN1igYLW9W-47IDWBg&skey=72472b0eb8793570&v=v42

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa5119874df1a44fb4555a647996a8b871be44b1406655c9ccdf5f4a3a31f51e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:03:41 GMT
x-content-type-options: nosniff
age: 60878
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15476
x-xss-protection: 0
last-modified: Tue, 10 May 2022 14:49:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 18 Aug 2022 15:03:41 GMT

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame E77A 17 KB
17 KB 46ms
5ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 05:26:51 GMT
x-content-type-options: nosniff
age: 441088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17204
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 05:26:51 GMT

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 8 KB
4 KB 181ms
163ms XHR
application/json 143.204.86.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1377&wid=5821&cb=6932.64649369266&pid=4366&url=https%3A%2F%2Fcloudo3.com%2F
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/5821.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-90.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: 2673aef7ddd26f07ac986b27aa291ec0fa161a746512940d1ab1c75ceb357325

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: NRT12-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://cloudo3.com
access-control-allow-credentials: true
x-amz-cf-id: IcLh-ucNnpPd-plm54WrhaenvfWe0GhqQ0tIjI6Sa1vJPMVUlBai3A==
via: 1.1 87684a2174eeee359a89721a3d15aa94.cloudfront.net (CloudFront)

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D036
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
43ms

Document
text/html

2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:19 GMT
expires: Fri, 19 Aug 2022 07:58:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 63AA 42 B
63 B 43ms
43ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DjbplRXIGgzMlRcmPw1pWxeo5QCeDnyE0UV2hjFMcMRI7LowwtmGbJvR8WBUS4w95uvdsiF6Wf0bzwrlSEWSb4taDPbRxVjlE9dWX-Q_w2TH5YEOM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=250&slotname=1864107826&adk=2093552902&adf=1570358783&pi=t.ma~as.1864107826&w=300&lmt=1660895898&psa=0&format=300x250&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898570&bpp=1&bdt=349&idt=191&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lOIpyMi9bI&p=https%3A//cloudo3.com&dtd=196

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 63AA 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:56:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 63AA 140 KB
43 KB 134ms
134ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 07:58:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 63AA 17 KB
7 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:55:08 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FC80 448 B
271 B 44ms
44ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMOBVRDZuP6EAhiarZPOATAB&v=APEucNWx_sTSuznAdmiCinacoubWyX7rhSOTAxebY08GKDFXM37Sjkst2ygxBIQzvc9SPtv54Nh4bY7-r714E_omkjnqgzJQMw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=250&slotname=1864107826&adk=2093552902&adf=1570358783&pi=t.ma~as.1864107826&w=300&lmt=1660895898&psa=0&format=300x250&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898570&bpp=1&bdt=349&idt=191&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lOIpyMi9bI&p=https%3A//cloudo3.com&dtd=196
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 248
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:19 GMT
expires: Fri, 19 Aug 2022 07:58:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 63AA 23 KB
9 KB 4ms
4ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:14:33 GMT

GET
H2 200 14333888941510522667
s0.2mdn.net/simgad/ Frame 63AA 67 KB
68 KB 116ms
3ms Image
image/jpeg 2404:6800:4004:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14333888941510522667

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

935d48eec6f90f612ac853e181994083d795ffa539d0028764b573ee79a88214

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 01:53:06 GMT
x-content-type-options: nosniff
age: 21913
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69046
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 07:14:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Aug 2023 01:53:06 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/ Frame 63AA 6 KB
3 KB 4ms
4ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d4f6e28cf855271fabcd5fccb24e71ef842e3ffa3c33795d9ddd9d3a1e3a46b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 00:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2640
x-xss-protection: 0
server: cafe
etag: 4024001306453174559
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 00:38:51 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 63AA 0
622 B 131ms
51ms Ping
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvi92HA4UTJWAf05oKStd3CwbG8nXM4vC5zORzSJEo5QtYNE6_IrQv9EoveDj46_w5cFdfx2Gsm510y4WvwEs9kQTQ0dxOdo2qoj_cfuLzAGNa8qMFd_DODwKqR_5ADgNvQ-VsZgrJvie2yaHSfPS-uuD7lqhcasOOa-EHG-VcIQ1IniaqD8OvF9Soc66AkBqPg-eyYYO1ZHPr8OyaoJVqFUAWnaxhuUax9NbaHLRuv_fMfNmUeSfy07eiiu2CogD-CJ4d6AfuX-p_iUBwR2PXKHU7tC7V3ZAboJG5XQtp7XmLESyFOgvpUzpDU1z7wULwHRKYtEyZQQLe9g7Uff3grM3Av5vOPS2_kBFk0GF4rBV8a0Zqg8hfg-P-IK3NpFbOZ5W5_q2kBJjMUFItjlV_wfijFkh0FhHquw0vobnk7K47rLpv8OLOqm_Ce_WVEkq2kXRJt5r3WDZPbdK4aaIhvfArw-GErvMbfnGCcQ2LU6iSVOXGQ4pCb_C8qraysfLf_96V5G7R3n-PK_KQNmZscHJ9yMcV3aQrGpSJY5gN5FBqyA8aNL2ogUJ8eIWKmEzrxzz55IntqLg-OxtMMATuqKc6iGxrcagdmqeXbKvZhWV1BHfjF8Fe2fg4_rFkTfbZYR5-pJIOwUevyGMcFKQwWlJs8fanq5x9ujxb37GJS1QOLbuxZr-bcSJb8lfqJonx4INRndpZgQ9axK6XZs0BBadEf_wymZl18DFe67k6qgdg1ebIndRAb-J8sROoKF264W_DafsIxP_AzerR7yENgnvGF6ZY3bGkaKxaq8nDMTpiTbnKbWCnkZD7CiPDURRmLhE69c01OW48yFCQ33lks0Tr2LLXpV3e8AkRvjyqPvtE1ew-YU56CPyQhXnGxE1rDYF2h3alQOmClQU6gWR4npQjZ-LhmXoQorIqoOmi-iKNb2p7pzB0r64y5woNCHrg9SM6ObKHbtrba_VazLAegHY-iadC50udo3spQBJGDs2sBBi7ejEJ4KEh_TRqDjp0_7P2iJeVRi7aPbX1GGpFpts-LjqRcJ2VpUz4PPZmN4T2IIYeOZUgoSHklOPKvt_ZJpQrCH-SxpN7z-UrtkmL00yEbsDNRsok8ufWy7kVgJD39LCeg41dnqofZUW5ysWifIw&sai=AMfl-YTBGZzA7ZaWn0AQZnWXx5_68vSeUH6W2I-MFn4RxMGSu0QdMsK5NqXaS8rDr-7URJMS49kZ1fyhDPv2ak9RF0_XQr7aZcJ2Y8qIkMOJxeSMDKwg1QZ_AzHNYRe8IemV5gSNCv1Pxi7WRGK8bkRHsy0q5GQlNTNC7v3XDMiVYfI_YfFIKm4zrQE&sig=Cg0ArKJSzDEgwjNSV7ZbEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220817.72072&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 19 Aug 2022 07:58:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 63AA 41 KB
15 KB 4ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 23:16:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376933
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 23:16:06 GMT

GET
DATA 200
OK truncated
/ Frame E044 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 956bd93884910467084d99ff20d0e51a7731f54850e3efd64b11338636cd1139

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 font
fonts.gstatic.com/l/ Frame E044 15 KB
15 KB 19ms
4ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%B3CUy%E3%82%AD%E3%82%A4%E3%82%92%E3%81%AE%E4%B8%8A1%E3%83%A3%E3%83%9A%E3%83%81%E3%82%AF%E7%94%A8%E3%82%8B%E3%82%B9Q%EF%BC%89%E3%81%8Fa%E5%88%A9%E6%97%A5%E3%81%A4%E9%96%8B%E3%83%90%E5%85%A8%E3%82%B7%EF%BC%819%E3%81%A8P%EF%BC%88%E9%A1%8D%E3%83%A5%E4%B8%87%E3%83%83I%E5%86%86%E3%80%81%E9%99%90%E3%81%AB%E3%81%99

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

368fde44b967f88bd2797fc4d56008859919638309a1642714ab9cbabd1338a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:03:37 GMT
x-content-type-options: nosniff
age: 60882
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15608
x-xss-protection: 0
last-modified: Tue, 10 May 2022 14:49:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 18 Aug 2022 15:03:37 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame E044 15 KB
15 KB 23ms
8ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa5119874df1a44fb4555a647996a8b871be44b1406655c9ccdf5f4a3a31f51e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:03:41 GMT
x-content-type-options: nosniff
age: 60878
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15476
x-xss-protection: 0
last-modified: Tue, 10 May 2022 14:49:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 18 Aug 2022 15:03:41 GMT

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame E044 17 KB
17 KB 21ms
6ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 05:26:51 GMT
x-content-type-options: nosniff
age: 441088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17204
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 05:26:51 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3ADE 22 KB
8 KB 3ms
2ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 252621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 09:47:58 GMT
expires: Wed, 16 Aug 2023 09:47:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 767B 36 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 06:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Aug 2023 06:58:38 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC80
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
188 B

86ms
86ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMOBVRDZuP6EAhiarZPOATAB&v=APEucNWx_sTSuznAdmiCinacoubWyX7rhSOTAxebY08GKDFXM37Sjkst2ygxBIQzvc9SPtv54Nh4bY7-r714E_omkjnqgzJQMw

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 19 Aug 2022 07:58:19 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
strict-transport-security: max-age=31536000
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FC80
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOewaUlDINoQxsxN8LCgBqc&google_cver=1

43 B
937 B

28ms
22ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOewaUlDINoQxsxN8LCgBqc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMOBVRDZuP6EAhiarZPOATAB&v=APEucNWx_sTSuznAdmiCinacoubWyX7rhSOTAxebY08GKDFXM37Sjkst2ygxBIQzvc9SPtv54Nh4bY7-r714E_omkjnqgzJQMw
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73d157edd95fafbb-NRT
pragma: no-cache
date: Fri, 19 Aug 2022 07:58:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BWDI3ATjq18%2B8pxMtDyQhA5GPI1GYwfqt5CQzLPJN3LA9oVhtLjcCBNQvmsjAHII0K8xPtwUSL%2F9i1T4fgUdDET2dihr0JnkBVyzJoM2WfS11n2IBkAIZVpjqC%2B4G00GafH20tP%2FzF1Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOewaUlDINoQxsxN8LCgBqc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FC80
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://r.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yv9Cm3fNqOyRPXu9-FDdpgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELMpvXEK9Ih6NNxAjbvxzRU&google_cver=1

43 B
898 B

21ms
21ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELMpvXEK9Ih6NNxAjbvxzRU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMOBVRDZuP6EAhiarZPOATAB&v=APEucNWx_sTSuznAdmiCinacoubWyX7rhSOTAxebY08GKDFXM37Sjkst2ygxBIQzvc9SPtv54Nh4bY7-r714E_omkjnqgzJQMw
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73d157ee8a6dafbb-NRT
pragma: no-cache
date: Fri, 19 Aug 2022 07:58:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAxz8Ws%2B8Pw1usxPGau32z4bd3Wv7x2bYeNrTCugiVyupi1ADd1BRRyJn5%2Fbm9sPGOamkOXlwhH2limBTTpUhEgcaFkltEoG0qgtqEMCGtAJhUy8bGzucM6nzps0COpWOhaE0O%2F4WFDb7w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELMpvXEK9Ih6NNxAjbvxzRU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3ADE 36 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 06:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Aug 2023 06:58:38 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D0C9 6 KB
672 B 47ms
45ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=ja

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1863253611&pi=t.aa~a.3465925704~rp.4&w=750&lmt=1660895899&nsk=1139cffa&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=728&idt=1&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600%2C750x175&nras=3&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=2oKU4usWxc&p=https%3A//cloudo3.com&dtd=283

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 06:43:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Aug 2022 07:58:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Aug 2022 07:58:19 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D0C9 114 KB
30 KB 48ms
45ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500&text=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a30e13df4caf4e06cb5cc01d07522241e6a78a2384f766ce55c88f517595596b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 07:58:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Aug 2022 07:58:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Aug 2022 07:58:19 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame D0C9 34 KB
14 KB 4ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565d050c0575bbf2b923e0dcbe3c2d5729f0254c4edf68d53b1644e61db8008b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14051
x-xss-protection: 0
server: cafe
etag: 7443058143385388256
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:49:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame D0C9 23 KB
9 KB 5ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:53:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame D0C9 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:56:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D0C9 140 KB
43 KB 59ms
57ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 07:58:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame D0C9 17 KB
7 KB 5ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:55:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D0C9 0
0 38ms
38ms Image
text/html 2404:6800:4004:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQewavubqg_wKdpUHuz6KgpMtCLar-2bxaJVBMZudGfKU81lHsqc2H5K8gEzjFCLmeyDxtlI2k-Tr60bNrVufJvyTJoIA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1863253611&pi=t.aa~a.3465925704~rp.4&w=750&lmt=1660895899&nsk=1139cffa&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=728&idt=1&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600%2C750x175&nras=3&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=2oKU4usWxc&p=https%3A//cloudo3.com&dtd=283
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:823::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 58ms
58ms Image
image/gif 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=0.6906159698427885

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-E8I1OpE_LYwGfFOO7gZRcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-E8I1OpE_LYwGfFOO7gZRcw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: image/gif
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-E8I1OpE_LYwGfFOO7gZRcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-E8I1OpE_LYwGfFOO7gZRcw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 89ms
89ms Image
image/gif 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=6.735817897746978

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-ptVV3xJ0bmwtL9QEyE4BTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-ptVV3xJ0bmwtL9QEyE4BTg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-ptVV3xJ0bmwtL9QEyE4BTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-ptVV3xJ0bmwtL9QEyE4BTg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 76AF 6 KB
672 B 40ms
40ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=ja

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 06:43:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Aug 2022 07:58:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Aug 2022 07:58:19 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 76AF 114 KB
30 KB 51ms
50ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500&text=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a30e13df4caf4e06cb5cc01d07522241e6a78a2384f766ce55c88f517595596b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 07:58:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Aug 2022 07:58:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Aug 2022 07:58:19 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 76AF 34 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565d050c0575bbf2b923e0dcbe3c2d5729f0254c4edf68d53b1644e61db8008b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14051
x-xss-protection: 0
server: cafe
etag: 7443058143385388256
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:49:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 76AF 23 KB
9 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:53:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 76AF 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:56:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 76AF 140 KB
43 KB 62ms
61ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 07:58:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 76AF 17 KB
7 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:55:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 76AF 0
0 39ms
39ms Image
text/html 2404:6800:4004:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTg1tI-fkUi--lB93E3iPKDAbKaRrBuXCNdL7ffQ0KoHtkJLaYyFSrozl5Ey08lnoTHNESUriLhKm0AxuAqG9xWIQpW5Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:823::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 2FE4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04af041da31e160b9470a2ea1428374256e3b63e6f63bea18819fb90894d8365

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 font
fonts.gstatic.com/l/ Frame 2FE4 23 KB
23 KB 44ms
8ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQMisq12WEhgmVlTrgTXhyWle_NSMW5V3nw0TMq7-R0I_PbpihUyLtmlznKL7qlTrp9XBC76gpDB4zHVJGvcMT1KaiRpAil7h66jrO_3lm7fR89Q7PtP4Lqo8F-Z5oayZSOcF-tNpP8L7wJH0humlBWTdmt9MDqatKCNXLnNVte7yYX9sQlpNvvXNpEkMmDD2mo2t4v9FJk4jn92WL1orOKEXxJ0p-VEOh7iQmSsiEFVKrSIf0M2up3kXVs5MWnVgdB3kSimmoZrIB_yU5Jf2N3i_Yp5pB_9stAna7qzxAOUfFbI0Q2319bg&skey=fbc48de1c6e1b00c&v=v42

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%82%8B%E5%8F%B2%E3%83%88%E5%BF%85%E3%81%95%E3%81%A7%E3%81%AE%E3%82%92%E3%80%8D%E6%9C%9D%E3%82%A4%E8%A6%81%E9%96%80%E6%9C%AC%E7%B9%B0%E3%80%82%E4%BA%89%E3%81%86%E3%81%AA%E7%A5%9E%E4%BB%A3%E8%91%89%E3%81%84%E5%8A%9F%E3%81%A8%E9%81%8E%E3%82%81%E5%AD%A6%E8%AA%9E%E8%BF%94%E3%81%AF%E3%81%B6%E5%A4%A7%E8%81%9E%E6%8E%88%E3%81%AB%E8%BF%91%E3%82%B8%E3%81%8C%E3%82%BF%E6%88%A6%E3%81%93%E6%96%B0%E7%BF%92%E3%81%A1%E5%8D%83%E3%81%9F%E3%82%8A%E6%95%99%E3%83%87%E3%83%AB%E8%A6%8B%E6%97%A5%E3%80%8C%E3%82%B5%E5%B0%82%E9%AB%84%E3%80%81%E9%99%A2

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed0301414df7b2e64d0213cc1c3558f4ffb78d21fdcb660182bd9ae2c10e392a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 16:03:14 GMT
x-content-type-options: nosniff
age: 57305
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23952
x-xss-protection: 0
last-modified: Tue, 10 May 2022 14:49:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 18 Aug 2022 16:03:14 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame 2FE4 23 KB
23 KB 40ms
5ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxrr07TlBgmVljrgQ3hyW1e-PCMW513nzkTMrL-Rz4_PaZihUiLtmVznIb7qqjrp9HBC7KgpCB4zHFJGssMT1aaiRZAilrh67zrO_nlm8vR88A7Pt_4InY8F8p5oaiZSIMF-stpP_b7wGX0hq2lBWjdmttMDpqtKD9XKo9VtfbyYXtsQmZNvvHNpMEQfLj2niWpJg9FOj4jlxmWgw4rHKUXsA0pxU0CWzSQgZMifBFKoYYf1Jmui5kXVgpIvr1gBKXkUqGaWarIR6CUOLf2N1C_UsppU8NstB3eFsTxXN0fKTo0i_Q&skey=72472b0eb8793570&v=v42

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

642f6e23601475b18969f2f8ed910141a228e3bf24f7d618222a5c9827f4af59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:54:18 GMT
x-content-type-options: nosniff
age: 57841
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23552
x-xss-protection: 0
last-modified: Tue, 10 May 2022 14:49:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 18 Aug 2022 15:54:18 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 63AA 0
26 B 82ms
42ms Ping
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Aug 2022 07:58:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ins.js Show response
s.trvdp.com/scripts/v5.761/ 659 KB
178 KB 21ms
3ms Script
application/javascript 143.204.86.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.761/ins.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/5821.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-126.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2bd27a61f64c193e2b5d4a1b5408fb0ee1a21ab556f6c128d25c0515d4603413

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 06:59:56 GMT
content-encoding: br
last-modified: Thu, 07 Jul 2022 16:19:45 GMT
server: AmazonS3
age: 3632304
etag: W/"8286a07bcd2e7fe3f15dd3a949360e7b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4dadadff1d09a3efb8a9374bdfc2848.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C2
x-amz-cf-id: 1_MKRrs9ukgHAO8Kx_ehQQoy0hMS39Vj1I3rWOtgem6IDVmpJ7tFJg==

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8314474051386872715/ Frame D0C9 7 KB
7 KB 7ms
7ms Image
image/jpeg 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8314474051386872715/downsize_200k_v1?sqp=4sqPyQSSAUKPAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhYIdhB2GAEgAS0AAAA_MHY4dkUAAIA_&rs=AOga4qlEUgXx4hCyotGAZafn6F8boMoMYA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

661ff0949b683abd41a19b472a151d38409f69fa79057ef714d8495c03691c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 01:55:00 GMT
x-content-type-options: nosniff
age: 194599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6831
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 02:03:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Aug 2023 01:55:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D0C9 0
0 50ms
47ms Fetch
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3KcEm0L_Ys2kEKiCs8IPxoqwuA2_l8bya-fr9aKcENnZHhABIOaD5B9gifPFhPQToAGHj_C-AcgBBqkCpfW1pxGJPz6oAwHIA8sEqgTbAU_QEcP9I-PJ2kBJXSflXDcB9knE0TVVTOWRbV9Pe-1uK0H5aAAATivZ-ncJPinf3K8o6JHdOmFjoDMQkYjBhOhmKvTXRgeVw3zcsOKX_LtrjPO0HePUgqcOeNWxx4jcRgXMHoQINBAYxdInFceB0D0ucDtT1aGCDhXK2ri_gq-Mf0n6F14Mx-GFHJBSz3s6oow1ECDyKHykdFuzuPgJ55mIv2-yuBu8m2UdWBE8iGORGMHsyfdszNdvTb8OFnStU9v4_kyZhNFBB-Gtuu1zQldzavanm7X_8pTHZMAE1uu--voDoAY3gAfh8I_BAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKn8AdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTA9AVAYAXAbIXHAoaCAASFHB1Yi05NDEwNTc2MDIyODM4MTAxGAA&sigh=i9U1kEcWKsc&uach_m=[UACH]&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1863253611&pi=t.aa~a.3465925704~rp.4&w=750&lmt=1660895899&nsk=1139cffa&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=728&idt=1&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600%2C750x175&nras=3&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=2oKU4usWxc&p=https%3A//cloudo3.com&dtd=283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 19 Aug 2022 07:58:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CA1A 143 B
163 B 5ms
2ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1863253611&pi=t.aa~a.3465925704~rp.4&w=750&lmt=1660895899&nsk=1139cffa&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=728&idt=1&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600%2C750x175&nras=3&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=2oKU4usWxc&p=https%3A//cloudo3.com&dtd=283
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 19 Aug 2022 07:27:44 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1B5F 1 KB
749 B 5ms
3ms Document
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 83281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 08:50:18 GMT
etag: 48472445140208031
expires: Fri, 19 Aug 2022 08:50:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 63AA 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcf292b1bf300fe77af5a917a1ac0a5f5a9756703a29faa74c5a3730371780a4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D0C9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73b4209526acc8332e73ac941b2d071b970c9a6bf181ea9c4e9719e8bf8fa8e8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D0C9 16 KB
16 KB 4ms
3ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=ja

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 19:36:05 GMT
x-content-type-options: nosniff
age: 130934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 19:36:05 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2
fonts.gstatic.com/s/notosansjp/v42/ Frame D0C9 50 KB
50 KB 4ms
4ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500&text=

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b204913c9832e2ea49df683dab67ef73146bfd43a1845458e68fde81bc25a8aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 13:42:09 GMT
x-content-type-options: nosniff
age: 324970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51568
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:50:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 13:42:09 GMT

POST
H3 204 AGSKWxUJX2wZpZSzeeeBL52bmAjJVGN3aZo9IuqsL9px1TreONyFYBPmpw2f-WKTWQZBV6diigmI_H3Cu7wXsIaJR1vxRIMvwnPztY0TXrjglnGxocwW8SZKF1ZNoPut02FWvOPwlWJ8ag== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 56ms
55ms XHR
text/html 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUJX2wZpZSzeeeBL52bmAjJVGN3aZo9IuqsL9px1TreONyFYBPmpw2f-WKTWQZBV6diigmI_H3Cu7wXsIaJR1vxRIMvwnPztY0TXrjglnGxocwW8SZKF1ZNoPut02FWvOPwlWJ8ag==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_vWVAtKKAEzs21rMK9lvKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-_vWVAtKKAEzs21rMK9lvKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://cloudo3.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-_vWVAtKKAEzs21rMK9lvKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-_vWVAtKKAEzs21rMK9lvKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E83 36 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 06:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Aug 2023 06:58:38 GMT

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2395 36 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9410576022838101&output=html&h=600&slotname=2724348643&adk=3814604248&adf=2079292310&pi=t.ma~as.2724348643&w=300&lmt=1660895898&psa=0&format=300x600&url=https%3A%2F%2Fcloudo3.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898571&bpp=1&bdt=351&idt=198&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=515&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DHQYzveDVk&p=https%3A//cloudo3.com&dtd=201

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 06:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Aug 2023 06:58:38 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8314474051386872715/ Frame 76AF 7 KB
7 KB 2ms
2ms Image
image/jpeg 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

661ff0949b683abd41a19b472a151d38409f69fa79057ef714d8495c03691c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 01:55:00 GMT
x-content-type-options: nosniff
age: 194599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6831
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 02:03:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Aug 2023 01:55:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 76AF 0
0 46ms
46ms Fetch
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CS74zm0L_YrfWEMqNs8IPpua7eL-XxvJr5-v1opwQ2dkeEAEg5oPkH2CJ88WE9BOgAYeP8L4ByAEGqQKl9bWnEYk_PqgDAcgDywSqBNsBT9APz2xjiQ2eJZJLOyH5jnzK2zW1D7h2L4n8ERQpOWLTLdnh9cTv2WPuwgWibXZx6B3ycEctTMSXW02q7NPFJOHiyn0AKkvy3Ieeqm6pr179QPKlXQG3uQvUimbxhhRB0sS3qlDoaVm6MJuo8XE6VgITxTsz8RBGh4PnVAMsq20Wb71XiC_i1gHoxB8Xdy4yih67h3arJdBvaM1uWIZ2VAy7Tsm04kmpXfOhGAJBEZ7_QXA-z1o81BxNjojz7Y5muZE4wW-eLwQly0j40JC_sAFBCtBGV8I-6ByzwATW6776-gOgBjeAB-Hwj8ECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQpbcC0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMD0BUBgBcBshccChoIABIUcHViLTk0MTA1NzYwMjI4MzgxMDEYAA&sigh=TwieMEojM2I&uach_m=[UACH]&template_id=492

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 19 Aug 2022 07:58:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CDB8 143 B
163 B 3ms
2ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 19 Aug 2022 07:27:44 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 18A1 1 KB
749 B 3ms
2ms Document
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 83281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 08:50:18 GMT
etag: 48472445140208031
expires: Fri, 19 Aug 2022 08:50:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 76AF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f084956184fb0be2dabf39669f071b1bb2a98478a87a401530efdf0592593f09

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 76AF 16 KB
16 KB 2ms
2ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=ja

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 19:36:05 GMT
x-content-type-options: nosniff
age: 130934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 19:36:05 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2
fonts.gstatic.com/s/notosansjp/v42/ Frame 76AF 50 KB
50 KB 2ms
2ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500&text=

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b204913c9832e2ea49df683dab67ef73146bfd43a1845458e68fde81bc25a8aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 13:42:09 GMT
x-content-type-options: nosniff
age: 324970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51568
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:50:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 13:42:09 GMT

GET
H/1.1 200
OK cors Show response
data.ad-score.com/score/ 52 B
720 B 576ms
152ms XHR
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=cloudo3.com&l1=5821&l2=cloudo3.com&l3=JP&l4=desktop&l5=5.761&cb=0.7143812246921064
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.761/ins.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Aug 2022 07:58:20 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://cloudo3.com
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 52

GET
H2 200 dpixel
cms.quantserve.com/ Frame 1B5F 35 B
463 B 263ms
81ms Image
image/gif 2620:116:800e:21:c338:3a39:7c0b:1a51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECeXE8IWkX0zNolhOaw30nw&google_cver=1&google_push=AehlK4DQ59oZxCGRIkGBbsDjLIO4rwFExwHQphTsdDEKIFyk7mrTxwfPqbSiVpL_3ArxGMuQHjDrnDgUlEnBxisa5IKyno0tp18J

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:c338:3a39:7c0b:1a51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:20 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B5F
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEO9htghcuHVLr2Yxe45PSIY&google_cver=1&google_push=AehlK4A2tBG11q0j79K2bWi6TUJAGfS0PvZqpJ0tYJW4ZZEHd3pieLZEmOiYaNqlW7Ae08M2MLrgFdzdjLtJ_BY2GyThlCs3Z3sm
https://rtb.openx.net/sync/dds?google_gid=CAESEO9htghcuHVLr2Yxe45PSIY&google_cver=1&google_push=AehlK4A2tBG11q0j79K2bWi6TUJAGfS0PvZqpJ0tYJW4ZZEHd3pieLZEmOiYaNqlW7Ae08M2MLrgFdzdjLtJ_BY2GyThlCs3Z3sm&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4A2tBG11q0j79K2bWi6TUJAGfS0PvZqpJ0tYJW4ZZEHd3pieLZEmOiYaNqlW7Ae08M2MLrgFdzdjLtJ_BY2GyThlCs3Z3sm&google_hm=e4Bx0JqSxO419VJ_dgt1gA==

170 B
188 B

90ms
89ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4A2tBG11q0j79K2bWi6TUJAGfS0PvZqpJ0tYJW4ZZEHd3pieLZEmOiYaNqlW7Ae08M2MLrgFdzdjLtJ_BY2GyThlCs3Z3sm&google_hm=e4Bx0JqSxO419VJ_dgt1gA==

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:19 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4A2tBG11q0j79K2bWi6TUJAGfS0PvZqpJ0tYJW4ZZEHd3pieLZEmOiYaNqlW7Ae08M2MLrgFdzdjLtJ_BY2GyThlCs3Z3sm&google_hm=e4Bx0JqSxO419VJ_dgt1gA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: u6k6r6qmid430ir5gf3e6tjl8a22s9am

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 1B5F 0
166 B 24ms
2ms Image
text/html 103.231.99.243
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOztqFSNRca613rq95n-xaU&google_cver=1&google_push=AehlK4DXySrfLN-XcVhbB2X9b2qLqWzo0cdR2g2wODzpzZEzUoVz3HNOEOzS3V-SNPOH98jtqAvqLBKB4vOJU1Ea1Sl3DFDdB7PM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1863253611&pi=t.aa~a.3465925704~rp.4&w=750&lmt=1660895899&nsk=1139cffa&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=728&idt=1&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600%2C750x175&nras=3&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=2oKU4usWxc&p=https%3A//cloudo3.com&dtd=283
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B5F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG4iL_OIVyMRuOItnCk7CxE&google_cver=1&google_push=AehlK4DQW55wXFCcj5OYsOJ_BNhtENWI4V71DQjcphICkHIWD46KoxmgvfaDv9sUqRWYxNwosZo...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwNko5TTUtMUItOUpQMQ==&google_push=AehlK4DQW55wXFCcj5OYsOJ_BNhtENWI4V71DQjcphICkHIWD46KoxmgvfaDv9sUqRWYxNwosZo0N6dzAFG1Z66GHJlCCSTGPLTe

170 B
188 B

94ms
94ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwNko5TTUtMUItOUpQMQ==&google_push=AehlK4DQW55wXFCcj5OYsOJ_BNhtENWI4V71DQjcphICkHIWD46KoxmgvfaDv9sUqRWYxNwosZo0N6dzAFG1Z66GHJlCCSTGPLTe

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwNko5TTUtMUItOUpQMQ==&google_push=AehlK4DQW55wXFCcj5OYsOJ_BNhtENWI4V71DQjcphICkHIWD46KoxmgvfaDv9sUqRWYxNwosZo0N6dzAFG1Z66GHJlCCSTGPLTe
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 750589468d5634b7e99830971becaf64
Expires: 0

GET
H2 200 usermatchredir
ssum-sec.casalemedia.com/ Frame 1B5F 43 B
842 B 47ms
23ms Image
image/gif 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGirtS4pawH9w1i6ajR_S9U&google_cver=1&google_push=AehlK4A9MiIpDH-GppsXaST2tGA64fN87qyxBnJKnh9cBRRk32pjBZYAKsmctXB62UCFYk_m9i399W8Mk5Lx-QdiGAvlo5QqPAN3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1863253611&pi=t.aa~a.3465925704~rp.4&w=750&lmt=1660895899&nsk=1139cffa&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=728&idt=1&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600%2C750x175&nras=3&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=2oKU4usWxc&p=https%3A//cloudo3.com&dtd=283
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73d157ee9dcd344b-NRT
pragma: no-cache
date: Fri, 19 Aug 2022 07:58:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCB80EPMOs1OheOgNLWgdU1j9NP0smdjhaAGEGGO%2BY3bYOqYx6SfISCRspDEL0DKmIEOBaPObWQAN%2F%2Fv4fe561fYjAaGfxXF0fMMqS3ZiFilxGSpf%2F40xx%2BitRxWp3bxqA4gGoE0DTtF7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B5F
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEFhSoMHgtG4v1CpDQQGnQLs&google_cver=1&google_push=AehlK4BvcMfqtJDWim1oWNbjceWCMGh2arh9E18IIjp9C6LecGI_Box0IR_57pyGOtDOVljOn_jCHR99OFVuk5K6JXVVtPCqcQTk
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4BvcMfqtJDWim1oWNbjceWCMGh2arh9E18IIjp9C6LecGI_Box0IR_57pyGOtDOVljOn_jCHR99OFVuk5K6JXVVtPCqcQTk&google_hm=c4b2c0eac7a950bce5a...

170 B
188 B

94ms
94ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4BvcMfqtJDWim1oWNbjceWCMGh2arh9E18IIjp9C6LecGI_Box0IR_57pyGOtDOVljOn_jCHR99OFVuk5K6JXVVtPCqcQTk&google_hm=c4b2c0eac7a950bce5ada634523981a3

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4BvcMfqtJDWim1oWNbjceWCMGh2arh9E18IIjp9C6LecGI_Box0IR_57pyGOtDOVljOn_jCHR99OFVuk5K6JXVVtPCqcQTk&google_hm=c4b2c0eac7a950bce5ada634523981a3
date: Fri, 19 Aug 2022 07:58:19 GMT
server: nginx
content-type: text/html; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET googleredir
googlecm.hit.gemius.pl/ Frame 1B5F 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1B5F 0
12 B 96ms
95ms Image
text/html 172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KKh1s6OXW21zCgcOIOD76rZXsXK7a3aXb3DUR83D68G6AuxnDLDgJ4_EuozQzIUzMDKWic8Q

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CA1A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

64ms
64ms

Document
text/html

2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:20 GMT
expires: Fri, 19 Aug 2022 07:58:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C66 36 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 06:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Aug 2023 06:58:38 GMT

GET
H2 200 container.html Show response
d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 29BB 6 KB
4 KB 2446ms
2445ms Document
text/html 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:22 GMT
expires: Sat, 19 Aug 2023 07:58:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CF93 6 KB
3 KB 2478ms
2478ms Document
text/html 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:22 GMT
expires: Sat, 19 Aug 2023 07:58:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3D6F 6 KB
3 KB 2478ms
2477ms Document
text/html 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:22 GMT
expires: Sat, 19 Aug 2023 07:58:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B413 6 KB
3 KB 2476ms
2476ms Document
text/html 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:22 GMT
expires: Sat, 19 Aug 2023 07:58:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 18A1 35 B
464 B 83ms
79ms Image
image/gif 2620:116:800e:21:c338:3a39:7c0b:1a51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPGEXDgZpGuCFrMZPVDBV4I&google_cver=1&google_push=AehlK4DG-4eqklIdwwlRgdRD8ZiiOGYKZLaG-KWB7VRsoLmjnQSj1fxd5PG10N6DnfklE-mA1v12W54A0iAgm4I4w9FZRbAM6uY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:c338:3a39:7c0b:1a51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:20 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 18A1
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEDJ8NItJdpzDyKVXFY8rYio&google_cver=1&google_push=AehlK4DIMa2I4OEjwCNdEEWdvhErxwKZfNK4HFpjhFWQ6gUTa2vUK2pGzn_X-49XccSIx_SF0rbq-AfVDsM7nnNd3OVn_D4inRg
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4DIMa2I4OEjwCNdEEWdvhErxwKZfNK4HFpjhFWQ6gUTa2vUK2pGzn_X-49XccSIx_SF0rbq-AfVDsM7nnNd3OVn_D4inRg&google_hm=e4Bx0JqSxO419VJ_dgt1gA==

170 B
188 B

92ms
92ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4DIMa2I4OEjwCNdEEWdvhErxwKZfNK4HFpjhFWQ6gUTa2vUK2pGzn_X-49XccSIx_SF0rbq-AfVDsM7nnNd3OVn_D4inRg&google_hm=e4Bx0JqSxO419VJ_dgt1gA==

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:19 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4DIMa2I4OEjwCNdEEWdvhErxwKZfNK4HFpjhFWQ6gUTa2vUK2pGzn_X-49XccSIx_SF0rbq-AfVDsM7nnNd3OVn_D4inRg&google_hm=e4Bx0JqSxO419VJ_dgt1gA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: bgp2p02t0tjjuh5u82m8eepsogl5gpqe

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 18A1 0
41 B 3ms
1ms Image
text/html 103.231.99.243
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEG4dQ-zgt01LvVl1DD9Q1JU&google_cver=1&google_push=AehlK4C4QRUjEZ1s2dMsu7ALbLCnHmwDMdGXpCA05hlzM9erAZRWXiBVxTJjrW5U3B-VKvZ8Kx0E-g9bNas2KfCLO1WpFXJ-EA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 18A1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPA7VyK63Bvz-iWAxNbGBKo&google_cver=1&google_push=AehlK4BF4lJ10cuFzJiCK-YRhAgH-B8hXbTb9i5aSNCNuCEkQ8J12op4lj1jM1DDMOIrE7hkRJx...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwNko5TTUtMUItOUpQMQ==&google_push=AehlK4BF4lJ10cuFzJiCK-YRhAgH-B8hXbTb9i5aSNCNuCEkQ8J12op4lj1jM1DDMOIrE7hkRJxrEh4nC8g5ieSEXgNDvcWzXUk

170 B
188 B

95ms
95ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwNko5TTUtMUItOUpQMQ==&google_push=AehlK4BF4lJ10cuFzJiCK-YRhAgH-B8hXbTb9i5aSNCNuCEkQ8J12op4lj1jM1DDMOIrE7hkRJxrEh4nC8g5ieSEXgNDvcWzXUk

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwNko5TTUtMUItOUpQMQ==&google_push=AehlK4BF4lJ10cuFzJiCK-YRhAgH-B8hXbTb9i5aSNCNuCEkQ8J12op4lj1jM1DDMOIrE7hkRJxrEh4nC8g5ieSEXgNDvcWzXUk
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 750589468d5634b7e99830971becaf64
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 18A1 43 B
296 B 231ms
67ms Image
image/gif 2406:da18:5a5:3102:baf:3d79:7ea7:16e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESENMT6n2YgnpFlLONjNt4DHk&google_cver=1&google_push=AehlK4CWqLVYxBtq_0vvuVJfkoC1UrAifwuUllOBmOfeoLR0EW3g0iPYtm15I9YV29fUkHYbGexqRFDehDGWvzvqQQGXj0tf8Ds
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da18:5a5:3102:baf:3d79:7ea7:16e Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:20 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 18A1
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEGMo_lCMXtd1vVs7wqyR3ho&google_cver=1&google_push=AehlK4AlGw9Lys6dcXJQyaCw6Ln2DW3WA_sL0ki_DzOrhSXO5BlCDOp1l4pfZv64dyk6CGsV66uyAqvNPa5j2lSy2K28caGrKcs
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4AlGw9Lys6dcXJQyaCw6Ln2DW3WA_sL0ki_DzOrhSXO5BlCDOp1l4pfZv64dyk6CGsV66uyAqvNPa5j2lSy2K28caGrKcs&google_hm=c4b2c0eac7a950bce5ad...

170 B
188 B

91ms
90ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4AlGw9Lys6dcXJQyaCw6Ln2DW3WA_sL0ki_DzOrhSXO5BlCDOp1l4pfZv64dyk6CGsV66uyAqvNPa5j2lSy2K28caGrKcs&google_hm=c4b2c0eac7a950bce5ada634523981a3

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4AlGw9Lys6dcXJQyaCw6Ln2DW3WA_sL0ki_DzOrhSXO5BlCDOp1l4pfZv64dyk6CGsV66uyAqvNPa5j2lSy2K28caGrKcs&google_hm=c4b2c0eac7a950bce5ada634523981a3
date: Fri, 19 Aug 2022 07:58:20 GMT
server: nginx
content-type: text/html; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET googleredir
googlecm.hit.gemius.pl/ Frame 18A1 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 18A1 0
12 B 89ms
88ms Image
text/html 172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lemu963WX45qvcWlenXQCFxNASvgxgUN8d5_eeLkBvqOnCrUr1dciObSTzQ-4hISCos_bNrQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:20 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CDB8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

57ms
57ms

Document
text/html

2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:20 GMT
expires: Fri, 19 Aug 2022 07:58:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B34 36 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9410576022838101&output=html&h=175&adk=3313508260&adf=1062730560&pi=t.aa~a.3465906774~rp.4&w=750&lmt=1660895899&nsk=81d3a1&rafmt=11&pwprc=8426660699&psa=0&ad_type=text_image&format=750x175&url=https%3A%2F%2Fcloudo3.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660895898949&bpp=1&bdt=729&idt=-M&shv=r20220817&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dceb7f45e48cb6271-22489b5faad500d1%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MZ1HWg-Tjjm6ytDTVV8jKb-tYhkxA&gpic=UID%3D000008c80c7ab187%3AT%3D1660895898%3ART%3D1660895898%3AS%3DALNI_MbbzYLHg-GiR1s5Pti3nIKajiB65A&prev_fmts=0x0%2C300x250%2C300x600%2C300x250%2C300x600&nras=2&correlator=4742029716394&frm=20&pv=1&ga_vid=2086077877.1660895899&ga_sid=1660895899&ga_hid=1796519609&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069050%2C21065724&oid=2&pvsid=489572298070784&tmod=566175846&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Muy7KW9T00&p=https%3A//cloudo3.com&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 06:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Aug 2023 06:58:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
41ms Image
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220817&jk=489572298070784&bg=!V1SlVBDNAAYUOm8VNDo7ACkAdvg8WhbCHUGivv1isULDSV5ow2WU3E9JlAj_UVntxWW8jj7cS3XERQIAAAEtUgAAAAJoAQcKACRlcVxazrRFW4b3CuufaiZxsF7ffCudtPy-Y1JmnNLszZLnH7yZAu6AfHFCT7_5VdoxpiyLFsRmFCXVFgRfYO_3gYqt3tYUS8ntr7iEC4p5tYvkfDXXrB7ebo2XDp8jSwqDg5hI5fECQ33yIkqEzusflBS45CArkpZispov-HnN4z2dpnN5J8fJIHk-SbydVWTuzeEv7Y-_BGnhtEkNQVACGjDAe8Ji4gUDuWBJyV-MFvKgejZkCLKg98fH-yPDyyWvMij9GxD8bzJ7PfkuYuNOUn67o99NXzzMTzjx_PJ0nPk_SFateQrs4LZQMIJGypLtmxNhCJovp2i9rhkVblV09M5kT70ZzlxeA1Jsg4PoBQJl2sIH-1fIBynhIaTV2-1zjPYavWazYrAIWOPm-VIo1nypfSjqTN46uKb43G5SmIs5NG2VjNG3Do6DUoJyphr7FyWoh7vFxgCzwNAsSldPAqmbLGor75wL3sH3YRja-PMOlxpR8956oMNWxOov58fpkbtXG-IQqTLQp3yiDVLzW1NhOJL6wE9vK8NXhkgBxPz3y1X6k65h_27tpysKpP2iGP1c9i9lZcBPG5QZJh70xk4R8fgC9_nWbkzItvM7JBTmonogfEEytlwVTy1iOwIvTu1AvRXYrXxhaKIkz07uF2J0g7P2QgPel9a83tdSdcGK_B6p2WM1bxN3oKxnWCIMxpCnMdMmPRjbox-4z5QBIpRU56h2b643kvxQC8KoKza1J0Ds4XEmO-L3mTTFG13q9XYBTRuphQxUZ-esEW1CwF3yMzoi4427OGkrESTWCGHSsjSVxd8cBL1XG4puXm_BibYweCsaAE1eHbM1AOhebvIOgYwMPBAdfBUGWpVrgZ8hoiWUlrPKHCF8UtI2OwBpiz0jQSEyPEUvrchEqnSxQkwcWpQhG8GuZ-AxvF46x13wbcQNDwQ9oXYNq20gks1hpzStfDxongJODShYn4JviTeRKz6YlzKM-guOPo4Dvz00ZovL4pNNP_7e8gn_rITEGrRnieR31S5xVhycrpaEG842RcU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3ADE 0
20 B 40ms
39ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bb_GqmkL_YqG6MtK1s8IPkL6PmAcAAAAAOAHgBAI&bg=!q6ilqOzNAAYUOm8VNDo7ACkAdvg8WulsCvykunrJ0ivrgZgT3J-AIXrP3I2U1NXBt9ws7mMKl1pehAIAAAG4UgAAAAFoAQeZAxNp5yz0uW2jQ0SkwsXgY8f5odRzOe3beYz2x_Dhz_Ecs_qa-Ie9MUgvYK7Krm78P1IkLKcXZRZIkBhgcwAnEUdW10BnjsE_fYYcza1_KlCEwdfx-jtU390sYUsglzaQh8tw8tI5ZQJIkySSCdP2p1yBdPQLapauvI4in554w4K23U7YwIwVzb2SETWyceJFM-d5rLNnXYpSm7-0swpVMGuvMtndc0mKiVSj4lUMiodE1BTFeNtxz0yElaUPdAAqgsDf2hzYtxKwqnR-oaZ2xXPBXaAdof_d76kITFsXYKfrPoNfYdfKBJwx5KXdQk2cYt2Y1yKIqHiYZ9Z8-Zon2Ph9ThdOAm_k-riB2XJoqcGPLpiJ8m_2JH1sYbhZLoWOt6pnUHGO6joxeVHC1BVBG1YEgUjHSnh4fz6qfLx-yCOaAasuJsaOBNutvtrHiQ-0aH28_T0QBs1EN0j94vZY2ahbtqhL7_HgngE4vh-wbIx9WExycfGRrKi1RIiGVuTfWoDs6aE5N3Ci0OCC4gwkmoyzOl6fTChDsBmkVqpBdVH-S5vF5BkezYio-TGrPUHlxpD_b4X405U0EtDEIQoxlEfkW5CeFv-gai4BD0f5A-UIPUWxJupQtrDbmYr7xs3ccdFjuxYjSBPT5ClDJbOi7vRw7JjCPufX9E3dYZsEqr7du35H1V0auSnhA0u-NDTTedDaTpmPHXeszUN6C0Nr7QkhXyJeNU9GIpTw_XiRW63wUmCEPp7a85VOMYLXM3nOK8btcXQy109VGsNYyJ-bExgXm2M6qZ7ltv2715fQyviYxNjOJXRMvxb-7SR05HN2pVC0IeF-BzGkj3JTgAYytfLRcqOUOj48co4pgsRxpOnNJpkEZxAxWaAAuHM-O3i8qJZUSGo7KeeDwq2LE_y1KvUGWzERMXBJHp7lptqJd_VyVilkZCfs1iSzrYa79gOB9xKnt9g5FCqZn0SPIfKgdXRo1wL-BNcvBkyRQg_v_exvq6OS2x6wBJ1kvjsMStd7aWTzyH_4VvQePkhJOXazfiJ3GvOo

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prtct.php Show response
stg.truvidplayer.com/v5.761/ Frame 986A 0
327 B 147ms
147ms Document
text/html 143.204.86.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/v5.761/prtct.php?val=f&geo=JP&timestamp=1660895900&level=0
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.761/ins.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-90.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cloudo3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 19 Aug 2022 07:58:20 GMT
server: nginx
via: 1.1 87684a2174eeee359a89721a3d15aa94.cloudfront.net (CloudFront)
x-amz-cf-id: zHPef69UajgdS2-JHVhr-uIgKI3faszc4S6oCpC3eQC4p09fUmybng==
x-amz-cf-pop: NRT12-C2
x-cache: Miss from cloudfront

GET
H3 200 pagead. Show response
fundingchoicesmessages.google.com/f/AGSKWxXFcC097ao6FfFL-SaCZhVTCMRV228zDArOt48gQdzTcsXsQpE8CENE1zkrP_FwKeDkyTR2caQ-6fLqtaDmcKcnqu48R9JmKb99lixut78uwhCCDeGPhXV3NLnWORyNPKulubhPgbnpcTaIPNarHZAOd5dyh... 54 B
110 B 53ms
53ms Script
application/javascript 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXFcC097ao6FfFL-SaCZhVTCMRV228zDArOt48gQdzTcsXsQpE8CENE1zkrP_FwKeDkyTR2caQ-6fLqtaDmcKcnqu48R9JmKb99lixut78uwhCCDeGPhXV3NLnWORyNPKulubhPgbnpcTaIPNarHZAOd5dyhGm2ayHbWGQvEYvi5RCzc5ggZG--BgXo/_/static/ad-_800x80_.net/_adv/youporngay.com/pagead.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.vfd6Vocleqg.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMzo69BORPiAI7caEX6N0-cULW8u8A/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ced9078e955e6193584028d6a1bcdde50c546dcaaeb7a9f30f11d841ff61f157

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4n441CWcyoqgQr7LTtNfdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4n441CWcyoqgQr7LTtNfdA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-4n441CWcyoqgQr7LTtNfdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4n441CWcyoqgQr7LTtNfdA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
date: Fri, 19 Aug 2022 07:58:20 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 63 KB
24 KB 4ms
3ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.vfd6Vocleqg.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMzo69BORPiAI7caEX6N0-cULW8u8A/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2051a9373e01b111211247251572fb685a8fa7e9fea2255619256d4714e0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:43:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24193
x-xss-protection: 0
server: cafe
etag: 6858204432399944515
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Aug 2022 08:43:32 GMT

POST
H3 204 AGSKWxUJX2wZpZSzeeeBL52bmAjJVGN3aZo9IuqsL9px1TreONyFYBPmpw2f-WKTWQZBV6diigmI_H3Cu7wXsIaJR1vxRIMvwnPztY0TXrjglnGxocwW8SZKF1ZNoPut02FWvOPwlWJ8ag== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 54ms
53ms XHR
text/html 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUJX2wZpZSzeeeBL52bmAjJVGN3aZo9IuqsL9px1TreONyFYBPmpw2f-WKTWQZBV6diigmI_H3Cu7wXsIaJR1vxRIMvwnPztY0TXrjglnGxocwW8SZKF1ZNoPut02FWvOPwlWJ8ag==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-76OQ6-Ui2_WXuZv82LPkNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-76OQ6-Ui2_WXuZv82LPkNA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 19 Aug 2022 07:58:20 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://cloudo3.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-76OQ6-Ui2_WXuZv82LPkNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-76OQ6-Ui2_WXuZv82LPkNA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUJX2wZpZSzeeeBL52bmAjJVGN3aZo9IuqsL9px1TreONyFYBPmpw2f-WKTWQZBV6diigmI_H3Cu7wXsIaJR1vxRIMvwnPztY0TXrjglnGxocwW8SZKF1ZNoPut02FWvOPwlWJ8ag== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 79ms
78ms XHR
text/html 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUJX2wZpZSzeeeBL52bmAjJVGN3aZo9IuqsL9px1TreONyFYBPmpw2f-WKTWQZBV6diigmI_H3Cu7wXsIaJR1vxRIMvwnPztY0TXrjglnGxocwW8SZKF1ZNoPut02FWvOPwlWJ8ag==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mbOTaDkH1fswUKaiGEa0KA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-mbOTaDkH1fswUKaiGEa0KA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 19 Aug 2022 07:58:20 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://cloudo3.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mbOTaDkH1fswUKaiGEa0KA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-mbOTaDkH1fswUKaiGEa0KA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
327 B 788ms
249ms Ping
image/gif 2a00:1450:400f:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~l706jatk&ctx=0&met.9=1.ek~2.f9~13.gr
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400f:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:21 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUJX2wZpZSzeeeBL52bmAjJVGN3aZo9IuqsL9px1TreONyFYBPmpw2f-WKTWQZBV6diigmI_H3Cu7wXsIaJR1vxRIMvwnPztY0TXrjglnGxocwW8SZKF1ZNoPut02FWvOPwlWJ8ag== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 49ms
49ms XHR
text/html 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUJX2wZpZSzeeeBL52bmAjJVGN3aZo9IuqsL9px1TreONyFYBPmpw2f-WKTWQZBV6diigmI_H3Cu7wXsIaJR1vxRIMvwnPztY0TXrjglnGxocwW8SZKF1ZNoPut02FWvOPwlWJ8ag==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-N9qxK21PLj-vJHOhdFardg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-N9qxK21PLj-vJHOhdFardg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 19 Aug 2022 07:58:20 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://cloudo3.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-N9qxK21PLj-vJHOhdFardg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-N9qxK21PLj-vJHOhdFardg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUJX2wZpZSzeeeBL52bmAjJVGN3aZo9IuqsL9px1TreONyFYBPmpw2f-WKTWQZBV6diigmI_H3Cu7wXsIaJR1vxRIMvwnPztY0TXrjglnGxocwW8SZKF1ZNoPut02FWvOPwlWJ8ag== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 95ms
95ms XHR
text/html 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUJX2wZpZSzeeeBL52bmAjJVGN3aZo9IuqsL9px1TreONyFYBPmpw2f-WKTWQZBV6diigmI_H3Cu7wXsIaJR1vxRIMvwnPztY0TXrjglnGxocwW8SZKF1ZNoPut02FWvOPwlWJ8ag==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SUYv9hVSRw1zjXbQousoBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-SUYv9hVSRw1zjXbQousoBQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 19 Aug 2022 07:58:20 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://cloudo3.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-SUYv9hVSRw1zjXbQousoBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-SUYv9hVSRw1zjXbQousoBQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUC2jrKYHmI-LW5CqN7HDlbPZmhNFDjQmNYKfNyXqs5wbqMzEmbO-48PbVqjyoe5enksdVUB1C9jA39zUOOVhGqBUuMePCs2Mk19oc17ES-7D8fklb9Xb7SuDAwe_OjT_vxCD9gLQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 110ms
110ms Script
application/javascript 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUC2jrKYHmI-LW5CqN7HDlbPZmhNFDjQmNYKfNyXqs5wbqMzEmbO-48PbVqjyoe5enksdVUB1C9jA39zUOOVhGqBUuMePCs2Mk19oc17ES-7D8fklb9Xb7SuDAwe_OjT_vxCD9gLQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYwODk1OTAwLDYwMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vY2xvdWRvMy5jb20vIixudWxsLFtdXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

118d29f45308e06b299ff9c08d0ee2a70a6231ed7180e92ca80f2f0abe8da60f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HMC070viV5DdOIcW2ZDeJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-HMC070viV5DdOIcW2ZDeJQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cloudo3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-HMC070viV5DdOIcW2ZDeJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-HMC070viV5DdOIcW2ZDeJQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU9MORheAc4tfbkQzLUN94EyChXvDVXq7FJWdrHlG51e1QrTzB7bf-Rfr8aIv14RKvSk6tANMjE1pB3kE6NDBzlekOybbAM0Xj9rPMaPtIOPVAsxZ3FyLK9oPRA2XnHGyFYrF3o8Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 54ms
54ms XHR
text/html 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU9MORheAc4tfbkQzLUN94EyChXvDVXq7FJWdrHlG51e1QrTzB7bf-Rfr8aIv14RKvSk6tANMjE1pB3kE6NDBzlekOybbAM0Xj9rPMaPtIOPVAsxZ3FyLK9oPRA2XnHGyFYrF3o8Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FqL2hlordZafa8rX4uqg8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-FqL2hlordZafa8rX4uqg8w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cloudo3.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 19 Aug 2022 07:58:20 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://cloudo3.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FqL2hlordZafa8rX4uqg8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-FqL2hlordZafa8rX4uqg8w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2FE4 42 B
64 B 47ms
46ms Fetch
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTdW0i936OmTZaWaGWPVE92Aek3yHngCWnKpppBXQUtEugUO1NAdCFEtVyQMQs61XuaJi4gEvED_l7_O3mpcdxCpiZnT2y1xQXG2DmekP2rA74oTRbrFtMomTrFcbOLCpOhFBJMcVAFExA7gIdheWqqy-LT7qtTDtm2bSqutLqAHSVEMaBdfjfhJ2Rx_vNIy86Zl59NKPO2BtyBMo6wRA5-lYNxc3iwiPIQNAemQM_0Gl0yU8lczTK5_-SiHQnyz4PC9tRI3mzCqQrJWBIbuxi2TDJ3AadPjd1tTJK7Rn4y6HLAlbJ7MhcWT7GE2d9esPfDd_aYQCTfLkfWPW3T0lmAw5AWuKPP5ErqfnG6PO2jMU1LtIp1nmz3tFHRfp48LT_7zBn1P7PzIsnAHkg6OYUFmtqEVOmOIT5eDr0rP2cizJybEkddeuF5ykgrRt-wgSitPQ2qhIjCoId8GzYczEXIQtnJy-9FMGg-AZ38PeVZeKrzFo3qYLZmsY6IzyOggK7qJKn2K5Qc6VanFih2cKUpPu1FP5vNI39dyR5wWvqQ-3Hn4AYPAVa1-sMzmTQASfa5ReajtSDOVu5xjHNNzqdNchmVnuJc54xQagyOXsjftugOtEBlueY4w7FA6NowYoo1TF9qTXt_-h4iMUCUIJZAVOl4_mwcbLyf8GSSrtJMs92lzGVPpmk4j3OZZvlapSMNlWWSci3fxhx7YF-0l7TExo4ajvSRaznAoMg1GGdyRVT-XiYV3ZiSnzY2RvIm4R6CNns3Bk4Vw0OlhO6n6t_A4MafVUZ5JJH6YO71-TOACdI0Lm55GQuloYOgUktaS4_ZQMKSymOWh29T9VQfwrhODgt3qbYJpC5ZXN8tvDY7KGo_buC5quVUl9ioAMqwW8zOQz9P6AsOdWkq67tiuLYptUoHTqNuNsIVqPSxegTDIluYdiRkUqkEcO97RjM1d9HCkvNX7K0dKCU&sai=AMfl-YTEUheek_goDN2xvgDp5WbGz6nAnG3EcnXhldnfe7YWKbecCrvbJxf88nE_cyhzDawhWM92RK30bjDk1ylE8i5nkINx9BKXDQ&sig=Cg0ArKJSzPTZIAqGlTr1EAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3814604248&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660895898773&rpt=1022&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 63AA 42 B
64 B 45ms
44ms Fetch
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstH6e1G-bAvYNWDNMJP8ATXwvRWJSVnCR2zXY_vWiChyBPxX8LKLr7hozOFJ4WHDlcvXC6Ms7Q2kNBt-S5k_-1oZHn2jO3rs6_rrOH84IjWLyES0IYuynOgC-ywxzKI&sai=AMfl-YSECcC1V8Yf_xBUtWNltXwnlT9qxN8dg54BfZA7_TyfR9fLFlF-2PAxSz8h1ZtzQPWfCOv2NhnFJe_l&sig=Cg0ArKJSzMv4v8_igjYjEAE&cid=CAASBORockU&id=lidar2&mcvt=1002&p=0,0,250,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2093552902&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660895898767&rpt=1345&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E27C 281 B
554 B 28ms
7ms Document
text/html 23.10.15.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3002
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-10-15-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cloudo3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 Aug 2022 07:58:22 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 62D9 52 KB
17 KB 32ms
5ms Document
text/html 23.45.52.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3002
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.52.231 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-52-231.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://cloudo3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 19 Aug 2022 07:58:22 GMT
ETag: "623de86a-cf34"
Expires: Sat, 20 Aug 2022 07:58:24 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame BAE5 15 KB
6 KB 27ms
3ms Document
text/html 23.45.52.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3002
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.52.244 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-52-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://cloudo3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=109974
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 19 Aug 2022 07:58:22 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sat, 20 Aug 2022 14:31:16 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E27C 31 KB
10 KB 15ms
14ms Script
text/html 23.10.15.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-10-15-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0c1faf7fff157dbff7978866f662396ae2dcc90ece68ea0b78c556b2331cb84b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Aug 2022 13:55:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=43613
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9442
Expires: Fri, 19 Aug 2022 20:05:15 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 62D9
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
819 B

79ms
78ms

Script
text/html

103.43.90.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

103.43.90.53 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Aug 2022 07:58:22 GMT
X-Proxy-Origin: 217.138.252.171; 217.138.252.171; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0206547c-2014-4518-9912-36e8bc577503
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 19 Aug 2022 07:58:22 GMT
X-Proxy-Origin: 217.138.252.171; 217.138.252.171; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1870d6d0-3071-4c97-aa4e-28479416682a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame BAE5 0
39 B 1ms
1ms Script
text/plain 103.231.99.243
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69344628&p=156191&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:21 GMT
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E27C
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
https://match.adsrvr.org/track/cmb/rubicon?us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=358949c5-9e71-49f1-a7f5-4323235ad9e0&gdpr=0&gdpr_consent=&expires=30

42 B
691 B

108ms
107ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=358949c5-9e71-49f1-a7f5-4323235ad9e0&gdpr=0&gdpr_consent=&expires=30
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 750589468d5634b7e99830971becaf64
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=358949c5-9e71-49f1-a7f5-4323235ad9e0&gdpr=0&gdpr_consent=&expires=30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 289

GET
H2

200

setuid
px.ads.linkedin.com/ Frame E27C
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L706J9M5-1B-9JP1&us_privacy=1---

0
594 B

166ms
154ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L706J9M5-1B-9JP1&us_privacy=1---
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:22 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 8752F125DEB74E59A0E50688560868EC Ref B: TYBEDGE0307 Ref C: 2022-08-19T07:58:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-source-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXmk3ZM0UqypCbA+q2CWg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L706J9M5-1B-9JP1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0963d041a95f271fbba7f411adc03573
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame E27C
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IKEDizh8SHCe0J6D2Wcsgw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IKEDizh8SHCe0J6D2Wcsgw

43 B
556 B

242ms
242ms

Image
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IKEDizh8SHCe0J6D2Wcsgw

Protocol

HTTP/1.1

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Aug 2022 07:58:24 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ASGCSHJXDESRV5MS5752
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IKEDizh8SHCe0J6D2Wcsgw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 750589468d5634b7e99830971becaf64
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E27C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QlyJ0exoSXGMKEiPUoOrAA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QlyJ0exoSXGMKEiPUoOrAA

43 B
556 B

191ms
180ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QlyJ0exoSXGMKEiPUoOrAA

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Aug 2022 07:58:23 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: MJ940Q33DJKWHZJZ3V5R
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QlyJ0exoSXGMKEiPUoOrAA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 750589468d5634b7e99830971becaf64
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame E27C
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&us_privacy=1---
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L706J9M5-1B-9JP1&sigv=1&esig=2~10f9898765123ecab57b8ce799f9e83b15b009e1&us_privacy=1---

0
194 B

13ms
2ms

Image
text/plain

2406:2000:a4:9fe::1
YAHOO-SG internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L706J9M5-1B-9JP1&sigv=1&esig=2~10f9898765123ecab57b8ce799f9e83b15b009e1&us_privacy=1---

Protocol

Server

2406:2000:a4:9fe::1 , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:22 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L706J9M5-1B-9JP1&sigv=1&esig=2~10f9898765123ecab57b8ce799f9e83b15b009e1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0963d041a95f271fbba7f411adc03573
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E27C
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwNko5TTUtMUItOUpQMQ==&us_privacy=1---

170 B
188 B

118ms
118ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwNko5TTUtMUItOUpQMQ==&us_privacy=1---

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcwNko5TTUtMUItOUpQMQ==&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 750589468d5634b7e99830971becaf64
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

esync
token.rubiconproject.com/ Frame E27C
Redirect Chain

https://id.rlcdn.com/709414.gif?us_privacy=1---
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e

0
214 B

429ms
107ms

Image
text/plain

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 750589468d5634b7e99830971becaf64
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 19 Aug 2022 07:58:22 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E27C
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjcyNjk5YTIzNGI0NjcwMzNjYzY5Y2RjYjNlNjEyOWUyYjlmNTcxZg&us_privacy=1---

170 B
188 B

121ms
121ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjcyNjk5YTIzNGI0NjcwMzNjYzY5Y2RjYjNlNjEyOWUyYjlmNTcxZg&us_privacy=1---

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjcyNjk5YTIzNGI0NjcwMzNjYzY5Y2RjYjNlNjEyOWUyYjlmNTcxZg&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 750589468d5634b7e99830971becaf64
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EE5F 217 B
178 B 50ms
46ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEYz5e_zwEwAQ&v=APEucNWKAV73yMdbTyeSAK1z4_STVX5w1cnDdjxpEOHXSjPaXvXLU3L_yWOz23D3IbZseA8FIfZPuwiunfEhMpY7fngOJERT0Q

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b1661ffb71705ae01b3b0cea6c065ae93d49d6b547bfeeec0260fa92bf2793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 157
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 29BB 15 KB
11 KB 67ms
63ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbTY-qC1DKM1nbw3xBZTvLfVr6H-l70gwXqw7c9LLl1PmFmS6uVw2q2qU_i4SSk0dXMmdiYohgbP1KMi7ghqTC3OWrbVXbudoOlM_kyECfBfypamuKSQgA0wmBquqGhVG6a7-GpRMtAYK_-IRQjGqvXYRRlQ&cry=1&dbm_d=AKAmf-Cbxy5pLYZV3D4kSSOb8yko-EV181kNjnv-eYEfvV-Bv2NowGOx1kANCtcrtrjj3_vhCsPkJHObuEcMOyFWK5C3YCaEqKn09Y4RVI42rKnAl6VogVIWr1RJpQGKUHL8UR5oaWsE1ScDMSZ--TRdV1sHRL7lJkynMafiB_10KnzvlTCR1rwzUC4NRDsAWUd-H9NJyLGaQ96X9jXrn4eINcovHUwlv5k_3NXTq4KJXO2dHp9sl1Ju9VXVQHnWlR-NJnJ2w0eyzvgm9I2smRMGyW_VpZhYLmZrqpU24On6IfIgsE9tKfYWaDnWG5tEWXmYsc46vq4NjTH5P4P93LsIKOKZIFzFPSlXopky-AAAXhtca4t_5t_T-wEuTchzROf8hnxN93Dfc0FlKoHJKB4I7XuYoPPdDLQwZ59ovYg8N5u8hahSCfJAJPCRxt76ZS6LDDtn4uVCyqwWSJzPxMsbTNWDYVNir2f7roAqEWLRJDgH1DMNLk0y8N1tvPP-o-IXrZLVArJyD4TgfwIiq4kXhY8SV_VFwfCF71h2a_t6cPXfD6pIFQbT8yPUpGsoo3SZAhWIwriNOJFdK5aptAB4AhVMpO_yH9NfPfr_PEDkHu1PqC3xTXPlzJWzJecKWDdRpXUIN9Va4_oxyszUEudBjQvm-Waw642yjcRyq7nCN9eWDeWIN1hSH9SwrGuvuHMKwxsmUahYAAn7C5cpBX3FF1rn0za_9ttsYxyGy6O-Z-xHVfCeaWG29MPFUlMKPcjF3qfKH_OhKlvC9g50JHk_ntfuhhqW1xlEPq623U2IZXzBUdzmgIv_U_uJ45Orgd_TBwSjDULhVxFVb4hOTsiDfI1voYSXqbhlRMOtPjdxIc_b1-niGZKt9l1shb6wQo59lzkhWTTSEithr8HrV_l0VywNlr3iLGi6wfS-GgwK_a5LbAGwh0SVMlOkP71-jnYzeIC-ON-_Wv8mDNdNn8X7ly3XpaVgaixtdyFHE3YF8vLpGRuiaLHJC2JpBUN-Js9QfFBlfxoTdGCEhFyDlqtGHUiFGcTF0aG5fshOe0nE0BDKAFpyxodaU-q3vcxjXn0g2qQF1N0oV5bu1UM09KuEydZAgzJuoQgFU5-47jqvEGaCEpXNzljozkQMx8acUWu_1F0ZSPQmSJ6qB2Mi9ZtrYBsNV6m5_4VqS0kw3jetLQcWFdxNulmIFqFad8CBCn4PFw_8FiK4J02khL0OjaZ1Eox66G3hWJEAvxrT-0lEaXmk5RBHpsZ1Ts5EbsOA9i40QOpfiuKVAehYkCNnypGAgs_aHOEztc5DMtlTDNXmvbFgk44UBsVtkMj1J21mkwjXD1Q3m27O_6QNZGrQLe4yA3nqUdq79bgUS6QBSoIVFQpuiSTgxYaqBJumXpdHlBVIjnykwy-l1H35eOk17QquT1aamsMfun2H54YOwpnD3BTboZ-YpWIEx9i1D3rlCP9tCqEyxbis3aSwS6RZXH59Dwx9sc2olzxxK9hq9zojaRnOtIWdz_doUPnfJGG_Xfy5PuIXj2zAeAtSpxXguvN4k3rZZntsRD0NyBljbVjt7s0s9sr9pTBlFBKNY7uZXBSq5dn6-V7ug2XklCUEH6ntsTHq5aPpLFQOSVlWGwirej3KU10kNLj2wWX1qAxhtdh4jVOuVPfPD2JQwTuqpKYO1TNHOrLlE7RSz1JpxDY1nRJ3vDST7QVDc1jDOjPKMF3C897cc53VO90_SSjAe97g_87rthW5L1qfTEex2l-STFRZ7QLZ1hapGyQjc2zbwAiB0FzC8mtxOS4Vxslu2R-lkWaLL1GOkDfS4lbpaEy9NbURdl1CaNkutC9_ExVgiMsnlhb6azeEl8m20-prQY65byfpzzBSYtJ6a3yJj6lMnamxm_5YDd9G3Lahb8L_ByGS-7GaP9oTSI6FM0sKAirDY7mqLy9MaUFvah0sJ-eaexea-QDqCryuCPdJR5EIQCFkC3awmE8g7iaJtNaYhDj7Bjy6q98DG-JYCIpf3Lp5_uQTcGHzGMaqTJfLNObRm2GHk_GnAtpRKBo_CUJZzha4EqN6-wDuU5VDXKYYpacWEtPTSWTKib4Q_w2TQrCP9V_La9bKtSyGlpzpBuOYwHIJaSR9_sD_aW_PPyEwOSEJ9k6Ij8HDTSZ0y9uoGEyZbayLuFDtFAV6Z6wiNnlOzQJ__0s9TKENvCH8DZZ4es6YD5pTB-iINF2-zMqpX4DhcDRpQtXMLlYrH1KUMXDxHnXyughZ_KdACs57GZmLs0FcTcxMAvMZKs47_KKyI7BFkaN8wLtxIeN16k3TZLjKeyMm8ruDMWwehdIzJQIfB0t9wQ-6Di8oKVEYW9BUN3rUTuqbCfOavvKKqaBQBA3zj2BPQieHX5fQ2aWWdn-kEIdN7rsRRbKZ6Y-_VX2pd_6m1FPBz64lLhitlU1qFoNwr5OC5mm08S1rNQsGS-vfWmOyugKWlWE0xpiV4AjU984RoBZizDXhW3kxzcSZtHOH1oramJxhs9WQEPC6-C9nUT6fjq08P8zFVxp8NlFgGj3p20GgNh4WB8USBig07jESCmfoHDCBHay-ixSylx-2jlQL9YNzycuRxCICiQrBCcHxlPfmYtTHr89Vwz0p_Z8ZMYnuZ6Wg68ljsCaW5wYXdjGJKgCJC5X40QboptAe7CEWRUXhHkq2QqqsrQZdf9xr4j4XJgdy2CwtOnd5D5eLHszU0iqjVtsIlP9lRRonYaXfo_ReLiMwFqnt&cid=CAASJeRogwUZzX1wrEddITRVPDaktf24qM5RfP1uIT8uS68x4qIdv0I&rfl=1%2Chttps%253A%252F%252Fcloudo3.com%252F%240

Requested by

Host: cloudo3.com
URL: https://cloudo3.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

affa2654db196afafbd354e1e3dc1a3c61e7be073992a34d4bf789cf333323a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 29BB 42 B
63 B 46ms
43ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CNAr1h4azqHSKRnoeqDhXOwlUPYc2lqfiMEjzPxnYzzdWNoqZVuzw6NRsNXZWrbxChY-hV1aGIXp2tMX6hHqkf38JyuMWQqXG06eFwRo1Y2mfYcto

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1109672/64802888/xbbe/creative/ Frame 29BB 242 KB
73 KB 29ms
6ms Script
application/javascript 52.69.191.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1109672/64802888/xbbe/creative/adj?p=APEucNVY6F61u6bWGatYAx4Sr-wLBOcCayL3KKFEg4Rxqy3m0ZiU3zc&d=CokBAKAmf-DX8HwDWY9oC-7MAQwYZV6QcSarBpxXfSsDvZ7RG9SIP87xzXbhtLqj5hSx8DaTC3n-4JugnJF0NwLTg9oM1-ssCuPZf4_CvXECYMHZ-8XYQmSA-KzQ7cdRno_seb3he2D89plMznJDGFLgetp01_bRliIwMLWWR_f9l9DZk2utP246c7AS-RMAoCZ_4Di_XlCcLPwJKNHOvmWulK_CaC56ZGQWDwOgQkROxlzJBO0EOTT7lhXNRXGTMh3Un09RWpm1xzm9dZPJlGDWdI02SeSo7cs_HCMDmiju-lUarNwKNiyDJK6fLAMUtlAm-QYaIw2EVXNCiXFk27zUDononJbJLnkCyttBswYS71Czb89NL7LcDvV-z7ffA6cAQfQD5iqI3P1SADv6QPvTuYXLJuZQoFoxTtzTW2JxQ1oSVFkpAJNcYFVKsbKDZUlWHKwvICZO7FV_QpAn2SnQ8c0J_mOf2xzxtsSv2qW9FcO2_PUZTD4LL2WSKb61q8D08gXvG7gx5gXHv8OUyY0bJYXoph-wqLqQz31ksTlsKErdFRot8kvqeWPk5A4U2RIbdx0gM4yukXgJWU4pDCN-FwWMRUSQxFjfSF9i_RPIHWM1-rqkvOzrWwu1b9w2tDjPH1p6GIQBm42x775mb_cPBoGJRiRcsdF_gXrbld1MidqYJyvKnquJ6DsIDPzmXm7yHrg5ggI0ildSVmfOwJlNH6vKjYcm9J2jXYyilIIrv7gymPlwTmc0ilk8SGl0t1FxdWkONP4GgmjdjIBeq7LLUpTexDaE_1vXGC16Vy1ZLzwKCGj78QjnCGZ9OmbyZDR5PTz9lN_C8o2u7M7bDz8ZsZ2-WFjDNrtTtUH_kyE1vQqY_9-x9cGPUC-iZJB6x5QhVDRhBLnWTbnwzR8qs-gklMfk_u01Em8uGG2opHEiaHsjtePsMjshZ2LvohHvakocfGci8wjNqnwTkxNhARUWgocdvg1D6ObH0J5RDDiZMdgZbgckLV5zMLaFe-pbL60VpyS-zBzQbOnGUS0WOaU55qgviK9vB3dUIcRSfXjrN9a_msw_X6Yf07gXiHVEjvggwh8L6GLcniAGFZsb5a6t2GU65pY7AtDKZp503cJei0OI8I26NHLRh4TgT8OW-vKgA1ftSSnUTnvoHlHbvNTLJbfZ6DxRZB3RkKU5UUSYz2ajcLo6XMsV45wKZ3TNd6RRXBrI36wO5h7cf2Ii1ghdovK4YNmV4IqMiQPi46DHpzerwc6Xk1Fpy12pVrzN96xKBXnoB4mP80mmE_0yLfkpnfhzcvEuwFhXf7eRgatKSnkXFWq9XmszHWs4927zF-3w6SrWHKsZxKBt2MKi4S0EVcFIB17MPHXVDB34xmurfGkn_LnyHhtx4tPwvMEmHJYXSpAU5zpyXFktAeKSwFtck8r1iEj3LPxFtMbhFcv71EWX0BmXot4w6STVl4MnPR09jTtbpGn4IFRovHE7IbnYsozTZ5hBmYHnIWbsGtBbyUsBf-7Gol0DScDZDA_OgUjj6TjIuMcYpfruyg70fRXU3RqKA_gEuDLPZiVQiMPsB_CGL6UzE9CLwvhEdxgKG3Yi-96oZoJMrMADsJ6UPUGkbCt3FAQ135ve62LB7PLD-Hk9mYFSAYZVsK3ZCL0DV72BzZA_03Rw8JrAA33wNcSMNfsre6e5bUJvIOmGvyIxuqR4KvR_VLDSAul4_6G1gR9j3UayhG9yvDzxmzpSXf0sigD8KbjNPNN9Jm2hChxWo7kh6_5Zs2laQPP0PD19NNZMuGgOBa7GpjRJEo0Rctt0w3x284G_9KdYYk66grJU9ZK0KEmKhEBJCYYkyBfZfA1owzMgA_GF5qjEZAcoxDqql1G36oiRcxVbr9ima-OfuMUB7NZWJrOw75bcxWAp1HLHawFiRq8jZVxlZ6qMoWjQcDjg1eyxrGgWR6E9fVzeGr1xva8wq4p44M85spbB48MLTh2MiGY7ujGbXmy2wOvsCg3kppO4GKaRRsQdD0mS_NyTZ6ttvCR7-P9leBag3d8c5JZnEp8Vi09Zaq7MrNU0DyRaC8LYOakPhc_SiOPf9BhGOjykY5oLw2FD_YROJL431KiL0De_jOy0d2BYweUdi1q9Ec_uGfJFVEB1FqtXCKiMQYH2iEs25-psO5JNZfvCMUgAa19LZx8iCfewYwiWNbRiXMPx0wszKQvERwQBO9oaGhLF8_2q_PM9hTfalTfK9ejCz9JoEG8Aolbba1q4W0i2SYMh_3Tu4jtAA1ZUSWpuCehAGCfmdUJSskXzl0modS0TGB8cw5lRL4AejsomdNrd0RQlomP-0mBk47oWPiQfBj0eJ1Az5ZkIafZSuGB5nZGcYkzUN2RFtN9V113cL5FAqXI9O5Ncg8pHCTXWRlrLqh8PybHIH9T_UKwlfevC9qsKixo3hIoUFyhxfj08WRLB4nbjA9ELBTmbZMc_nrfqBP8HhCPPbhd9mH7fbUjVZKFC7ihGUr7WgdA8oPSHsRHSsawFOjh9lxWERSoSkpzcQS_-gQeRcibL0OfYVSxiBpXlV1grWtMXA_0i4wuN9EzLg47_vJZno6boqLOv57cNKV0g0G5nnFhMeNu3oKibGQf6LkX8R6Pk0Dvr4tkVeq20GaBXNt0eh0ci04EGtR_ARuxlUzU0gsOVEoeaNKqHj96WWbFw-BOnvgmlKbKz7ZVEOlx09E06mEq-XTJY4CC4sH3HWOj2L7-ZJCZvO75XPul27vU2aYTzJ2iu9CEEz8446nA6z8UT15I3YsKK0sCjRXlzRa_V1ZIF5Z3DZY4zwtWzVq1ciUr_DAut5f1ZcSDn-2aC6G97DJW-qT0KK56F6Hm2In8vnLvA8nhfD7ZvMzurUoZaikuarZ4l15l54Ws5ppCqrYv1S_FKWkmhyuN5wGprasWWAYbSrEk7v-Y_JRBCZf3Wo5B1TXnF-5b7iT9r3sFVPAtkV-O-0I4SrO86tYEfqGh-UEdI5n48iJGPZrNlYHxCAeX0hmw_5HYOjERG37a_f2RlgHQwJH_jJfK4OQMi8F5GOC0IgLr_2ZVSIqlf3hgwl_ppJjEqvyUxffyLc9jPkmr4JgUvF7HCPsOTAzZR9a66hFNZPW1XojywE7ve698EeC_QAM6bwXcK3-09PbJZwHUemUE6zj1SyOkE1ymyZhB1JVMnI9cNew_QXl1oOlJUy9P0n1pXq_608VEOZJyKGBoolnacHDA7uvzI7iCzAF5nAWGqa3UX5Kp1qzbyfvBLe3AZwmPfMzRD_23JV1EcrWf3epoZ2TPOYUdGIXWJfMeD3UyCFJHdEtQdoB9Kl2duHGxTNRCqeLS_GGMfHKxrJMJRQDkisk2jQB7iMZcrpYkWMYWNy0XwxrXd8zE61zW_Yn_6HioMT6EnxewDKCFBbtlx0zfgCHXG1lnus6dNhPJQ_6xII5Acu7Q0_2ZwF35p47s-CJUo2bD76mz2VDUE3xenyuzfA70-cGcJl08nGyj7afwecV9jItxQMP2Tw6mUDOsNms97iJrEdyQM2zpagI-QotgRaSnWiuxOneHiSQ8GRK_eywtXJz9K74ySZwcaKQgAEiXkaIMFGc19cKxHXSE0VTw2pLX9uKjOUXz9biE_LkuvMeKiHb9CYAE&cry=1&ias_dspID=3&ias_campId=1008365748&ias_pubId=pub-7383171830614216&ias_chanId=1&ias_placementId=17749152915&bidurl=https://cloudo3.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gbN_6YchzlBx3CuKJqZKAd
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.69.191.185 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-69-191-185.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 1383cd1f171edd6329d9867df6f20682b52bc12ba3e27d02ac134b3e86af70fe

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 29BB 3 KB
1 KB 4ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:56:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 29BB 140 KB
43 KB 49ms
47ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 07:58:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 29BB 17 KB
7 KB 5ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:55:08 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7009 217 B
178 B 42ms
42ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEYz5e_zwEwAQ&v=APEucNVF5DPt_HOnKkWfKDLeEqP028DS_v_xxip5mxLZaxosA5UrVnN6XD-XFd_u8rWHgS8aBFRvRnCtzmrRm4nuX8AQnmQYrw

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b1661ffb71705ae01b3b0cea6c065ae93d49d6b547bfeeec0260fa92bf2793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 157
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CF93 15 KB
11 KB 74ms
72ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxFNhKq5OsvK8Tuz7CxCJTfObNXLC68Ox8M7fDPyFGEfwDWhLfZxAa-5lPojy5bQ_580oB-Gh_3DxFhqTmB6ggXouz3AETRZIHN_H0VGjMcS3hYZ15pmwQu9khUDtmEO4gLOCqBSHdLcxkDq-66LJDibYaMQ&cry=1&dbm_d=AKAmf-B6YS6Mh8KP6YSSqQlBKD9d705z8qi6t4OojYmqCbyH3gDZSqlIlw92-E1Sf3LbIKVPHMZv5I2IjneztOXZAK07soFSFc-1bp-3FNPgPxSXen_bESQ75uC10jL9FRbLUuqG8BA-ydkVJa6U2apVF5GtsKQG4V915-39znsN97D9gJQ9ewzRkWHlOkx4m_HrGeNltun0Zho0aXWtadzqhdL3u4xx2M2zz9EqhMXEM8SrpKbxiO4ygMVB7sKDsJ7ZDW0rzQHlKEPJrH1Ixi4hqL54A8gsTwZRGKF2f5N2v1yzQcxprgF05fqjIBRFfmxLiU7gsg5VglGalZUsJB479tmuaZNd9ptM3M7aLt0FsrlUAsjY1rQ25Aan_WkhWSM1BtXD8ZUazjDzugIgr0WD9e4GR2YIpZN5miFpZuHH_yvhy-Owax-EPUVEd6nz6Zpsy94wzqDQogcy1yrOWT4kJiqxw5_g62eVCZJGfmpR-JgRhWMoQDEKn0L0saYIOtKNprigDmfDt3EyJ9JEmbWSxZRFq4oFtPFH2esaXJlHR8objr2klad03JeDExSYlnyZIxYkEPwlLZMrhGmXpEgn4UfkRncEI9Kof4xTuebZ5rw7ziy8C-3xw72cgEhh30870JgzDeg3RP-TVeGDtfeNR3wlHtkmElMQIfbuSAkIwjxcoNsYK0KZz-5YXI_lfQVcHiLyEU7UQxThi5TXf7hBV215LHkvxaU301hSPQCloU9afKmAKmU0MNuBIqVl1xN6fORWJhagp5MGBl9rlWm8ZYwZ5-ce3-_QC8PEBinf5CdxGAYc1D4weOhBIH_AqkXVNcaK_4axWm2nzrj6OjsG4mduXs4X_qdFpV0EZE5WVHdNkF24LbvaQs3ZsIEHiqsfQ-vv2VX5kCBsoAYSLVy96De-DC8Ljaspr0gv-H28KGFb4u24TFcfEzS0eXU2-gBCOw4gbyBNQvqkjmBha4R6J-Nl613l04qS26sH1Sqs8Y-IyBPPxyn62MTtFY0wKu2cMmWZHZLTYlXvErjcu9MU1VEu1hKZBnsV9ttRCFyRzkyamg2aR5L1i9GRqufzmMTy9abVPbUBHi_zm11Q3UH7z0wVGkRRG53kWQoSjNrAxlJff-f7Ek748vlWOm_t61ke_fmtaFPL0Kp-LYFrbYD735V9j35cVRFHixvkVKOMJwmiL7Of0Yc6tFggvqgGVwqT-UorzojM4JIIC0JiLOKWeXzNNigC98wp0hOu2lKdBV6FWbavTq70E465TShGVbKP3kDtP8FScWkMsal0XJpaVwOcWoUcQROgTGOmdXsJQys3_1cgJ9sRZfNkdVJhfDF-gGDS7maIRgxjK0-gbp7c5Y8uGgC1oPAJIoS_iyT2UDKEpkGUKJhJC3j5r7Jl_Ls8NjjjoWD8atv1d7UEgi9aCPBRbqiVJwVFW4_plDM50QfJmqfSfRWtWZZtzOrH94uvPSysdcRMxk947esq_wSeNBxDv_1C3qIMj9pCniDA66APDNIFJfFPjMUCUuGvKtz504lYZySoFyo54fjIOA6Xt55RsOGXsUxayRQn7WMAqm1O5OXqptr2-G4SGG353Uslx7d04pE3fxS3DgTH3lI-zIto_Qy6X7ztRRvZ6BtvHi35aKJdE9fE6reuAVeu-hp1vnvoJwTuRiVWJ403FWHgGBt8gyBjlbCIJolxfIgnzPyDddiHkadCap0y4LF2yFhuUbQwzLRF005QEykPPkUcrid19UxPg5ptm3vAaBmXls0KinATOuhhVo5P5KgYEfVeomfjraXY29O6waT1lIZJ4nAHko_Wx9r1OmM6687n8PKVfxgAjgvT6sCl_Txw7e7glt86xYZ_4bb_MhBYlF4PXxVJ_rhR72kmUKck9DaiYJ9-sInKSVWOEHi_TmfjkQX_lR8PJI0hP_2qztVq0oUh-fWLgOkU-hYFbE8ZekWUAri3DEmEaSbgvMaa3uwYnaB99UpSIxvjw0dg7b9-g__viTel8_FKe9dD65XM7_m3PmgkkG37EvTmV_aGshYY-tmyAfOquiAjvujlCp8V0wbnrf7kufEEZpK-q0xUFoLriqkNUSEYEyn4cQ07H6nCuT1ui-JzCObbAOdrjKXDT46H-Dg8QwicrcNkA_8gYf4ipU3H9HdTCgTat5PBhGCtTXARzYSJibD-vmYDqZavLf1_Jy4bJvD1NeM-4Bf0Uy57lPoekwzwrpikjc793dolfhMhYLJBbVPHKkoqnK85u4j0uAU6jPgkDJn1CuZgagaVzscMqFJcBb1cJAZrEjN1gQFVeocwDaJNlvX8LK5-H1EL4kVHcMK0b-4oGIEgl56poHIYnFJl17SZQyi4SC0twFm0B3aP9FRoktEBQPndmEKFL1tnIadMLv2sDCMWAXQFiYk_OlbT6hONDymrk4PmKkjltv7gNqbgJeeYM6mNngUoXKO8rXv6Yc4taQXfGGqjQ6MlMAeq8xjnT09qp3DRwsce8A3l6B8XSY8lEQzZAVhInVKFNY8BI7rX45_wk_lcBqdyUpGLnS72m2OtuZHnc1TwtFmo-nvqEPxkK_QD-bzuV6mtReWSNyWvBg6p1EDDqZkjgOF1NiBeeVWXBK69dCWOy5FjMxGRCm9rLv3sfWlB-qwI56XOCkTxV7_oSUjbEBHg64NiDlVFxjTlg5t7DhiWwycupdQz9QaldtKL-nX57PWNIkkRV9ylrdCfcIZ8kGsedHtwKJ9EGW674fcFlha1JlXCItdAqw_1e6iUm7LhdTD-AYnS3A&cid=CAASJeRo__gVZwQ1QbKOn16hrXDzzNrD8d_eYcGlixhPM9Vv2yESA8g&rfl=1%2Chttps%253A%252F%252Fcloudo3.com%252F%240

Requested by

Host: cloudo3.com
URL: https://cloudo3.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14f5c676b8f448ae13cee66ec3dcc6b40d187837a5dd5dfe9cf8d256a26814b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11120
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF93 42 B
63 B 40ms
38ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A88MpLAO-yIifH0w1gsojI8_ryGYEGBmGBBk6e842XTmeVOxqqXqB9aKn-JO6Bh1Kfa-2fUGrurWIpoOV5BevR7faiEMG-rmQJvWdB30WPF2OlmzU

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1109672/64802888/xbbe/creative/ Frame CF93 242 KB
73 KB 8ms
7ms Script
application/javascript 52.69.191.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1109672/64802888/xbbe/creative/adj?p=APEucNVY6F61u6bWGatYAx4Sr-wLBOcCayL3KKFEg4Rxqy3m0ZiU3zc&d=CokBAKAmf-DVVM8WTxn9gXbvVWK0dUg_xuYiERPQScy0VpvIEH2VNYPrQwDSkLeb4F-F40a26aPSJ53jsGDFZfKhrGyqeto8s7qO_KUxR4FF_fq511jNzFYNUIOZG0NCrSKZM5JiRhFyfNDESk9s15j4_x1DBIzEIzuoWFCXWXxP12dkn0EQPebwJvESiRQAoCZ_4CDPi2SHqXT6QOSNbk8vkI0IJTZVH4ys_Zpa0ilS5oG-sXilws_BXc26BKDjZ13bvLsxoxOUWuHbNtwwlNluw6Xr83N-qt-Qep92qr5rrK_6YlBWD8cIgo8CrTxLER3wOyWST1F67_PXdQZsJPnzNw39Zu2agAIvuEV0GaZsdrgg4wlWPEBg7EmU71O1OS_OVDep64taFehXq09duaLIPULzmkf1hBc-agqqT6JqKX0jJbMQrXI9YNHNUdiV7i4Mq8xhc8gpD8KsQIsWzWihOQhcE9nOGpD6sHV1JEOaCqzmdxqaA_azq48wpwYekvgABt_mB0EsPzUAxnhLWocfInYUe1sMueLHxN3gMErwZ8uTar5AMjAq4y83eJ5sNLo2mUNhgb2PCmzQhfcYgxSInp4ihefc3dZmP-dbSR0XBynvOiw6BuIfcS2ZQ0aVNBih_Fi2rt7aCaeMbugVkCBK4kPjy0sPRHndArHKduIPZKZhp-1frI6DK9a4lVBc8W6F2q7Ext-yzDbDXUyqT7l75wPsbJWIGWSFIt2_uORMSx015HR3cKyKihHLRDNtPqEJ5bwVC3BCschAjeXyrzIAjBQFo8P9ro7_yxAhCVqoQCOUfA_KJrAxSFKR9tD3t1g6LlhBBqnfHLNhyh5neCzmB81er0dhqNt3ZIjet66mw8R12yLBWGaC9TMSbo703_ECOx4skbHED1Ug103470LLnYg9Ch7LiNPsy3xXh7nm_NWgn3BSTd6jqbXMHcIQQEqYxL18JvqkLYe_SwpzyENQ5osjJwuLLxo06SdoOOIqGhu0rhlIFOtUQe1RqeUGTqta7P1z9YKyydHVeSdkgl23jufx1QGCt0wN24mQCOM7i8BDfQTfhoQJtYrIeQ2nqaaJ7l-wA34uWNGY33wv9REsZ2wtsUphmpYpb9l1HSx9--THcR3ixJ0ialRnBodJmqQAmym3Wq7MFwL5OymBIONBW1vYSTTd1HJkOiYpMZ6NngHpSqEcV5AD2H4xeDPRSmUMdti5H5lD7gi3wML9W3fsC8DCVl9ZUgyVsQzLTWJ9nboJb2VHjndLfvjKsx401PBJp3m9242rYKTHzTjPncmk2BrydqZ_SM7P0fBOBOKzQY8bp2IdIv2inK48uhlUjr525VQekIPyMMPcNleRZriN8IQ2PIQWe37pOQRZuCyAGBx30I1EgLaClYEqXlwfmtODMiQRdGpj9kPVnyEDTNvvpBtArONP7KkuShFbpCEpTA_DffoZVKyqxKrZZi1xrGZPUhTK_VDTkSrQskdUooMcsU3mGJG3F0SlFBaA8UeFBmFCObdzsOMKo_EO9OcdrV9yGVADt1CgCLcnXyKkzMj905VemyXWbgT7E5CbIBEaA8xFz4fLV2hto6jFYep_EqS2WRrw0OtfGKLSJsP5JbKmsJqvo4U8hB7H-itd0hrumYfjctBzZKN6wjv993JBLZCphPudthKaWeNxtLL1D0boe9nIX8gPeY0Hkhg8M8WWNh-BYS0gG2mhOhAZeGZQj-WB7x225CYVqARMB5njir12hOATIwQsPanAqM1MFJrFwWLon61mcn3ICUjShlD-5sXdwUFRNZdA6DXw7FrEtYOEy8vZTHwlbW-5KZfdGNhE0Gh5raZgbshUczZQddZuCYmkm7LuQhjIdWRWqGLGSXku8bcwUGXIQd1puGDN3QGETODkPH5l1tzknsFBR6EoMXYuElFZ_f2b2zgjTK8ZIxfrK2CObFTjrBXFGU2SUWccuX1QiRqMjxy4NrAYOpIQAn4GL9rU1IxFKhjRAbxYR14tBrDn8r3BlzpRL1hB5KdQrqFd2iIpX4YDK_cB-xvctn1v-SGVgDVahWjQNunhJXt0AZ7NtpP3yqdOu1Toc-XqXcowLgzCK6kYG8a0cF9oKRK2-ZCZFK_iY0ekdyxxE8lDQU5Y1_SQCNABEwYjvE42l1MS_0_nLyhCyt0FEUha0wBjMbIR7L33ogMumUbk0CHZqfi9dPwWleOFgEo_A6ICFpacdopGQl8yZn-c8cb3NIVYet5B-2NPRvpU3h4l8_fyLctY4a-My9si26cJS8veQHxk7j3fNdpO9j4pZ3bxfpJ8senqtd4xg_3ZQGsU4ov8bEeFFuOVeLi05g5uglYwxfX7xNZ9r_d-sCzhJWtd6JL6kYvyaIBHypXGaSpCBXM6nz6b975n8TgRqy3JDYxa1CYJhxBv9OkccLutdnqa21HWdPL6UlHJ5x6JgIIdT717leeVA08Bn7dVALp4dTJNuGeuppl08F7ROWoLaRMqWCBEWP8JmKczUufasB9XKJSQ0as_hnZQ_BBYCJLsaPtx0iKkmACEahL289EXazYKitwgyapfbpZ6Gv3WhV1GtUSXeX89-qRnQQKz4XWlu5UoXaOIcp4dLfFB-SEkAs-CwmN0pRItWfodIZM28kN4i-dSrCkNoV_KpsBTvjBMPQuijZ_DDkDO-cXMsB0-JLqxjb6pa_st2rKd6lW4KCDQYwY3dWTiZniPZG3rTiCy4GMyuvx98IlFxYdTQ3jFVG9h4ORGgSpBWlH9fbHoTLMdmeJ8JkEqHKdS-CpR9wYEJq460d64Jf1CQ91FzuwFtvN4WSqAXtjjUlCmTKfrcs738096aahhx5EIfJ5OlgZbqEz30vx6VJ9Lt9IBZN-6Jmtd45o5MAoqweKydaKKQE4MmCZSxmH0wpAZa9GfJLmaGPFqK00cPbI0rPvSZqqQjsYEnv4jntNcGfcnQvzmOp1vGyb6CCTmtvoibWBD8siNSt0X-ojhzTW_r40TglFA7kU8tou9OaMjkt6l94cfN5Zxel6jYczTP7mNd5u69Me801lO0RMsJMUIZANRn9AMTJGyLaDqVeWRSGI38eY5bydMEdexVc8enWQUntirmlfCWbCJUNhGcbudcpxz-uy5cwhz6K2_V3Hq9bEuylr4Qq6eltkz9699YurfcImu_P5Qd4xHhboRaKjmWBjrgVzIOO6FGC_4kxpoyPrhG1MoP2xqU9rDwBxazX9mYgi7DSc69JL_MpqDnQwyLv4N69KA-nZh1d3AA-sURlb2_B-Uf8BChURFvHB6IngY5xGTlfP_d2gpk2kueHfhHpJa4rkRPSTq8EUjSINkNtJB1Bp_xGTksmooESIzsX6vONkl-7CeqATBJLuko3YE-cXnMIQR2dEATSBnlusj5C1DQ9xFIfJ3l1PipcbOceksf908f_epNut63X3r5HurCQrCR-vMmXn0xpA5HhYaGvVf5cv4Jlu4UqMKUkiRT_ULHje1q5he9IuLgfeNRb4WSEAcrf-ZE0yLNmGkyShufIeCqFbLeM2uNzqW0ABMsODPMAhc_nTldH8drCUQ1ZepEf213mXN4wLcOlXkBBCFafKEdtT-v0y9zr_qgzvGtvx9GikIABIl5Gj_-BVnBDVBso6fXqGtcPPM2sPx395hwaWLGE8z1W_bIRIDyGAB&cry=1&ias_dspID=3&ias_campId=1008365748&ias_pubId=pub-7383171830614216&ias_chanId=1&ias_placementId=17749152915&bidurl=https://cloudo3.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gaj3TMv75giQIPqhYXvF5S
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.69.191.185 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-69-191-185.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: d9cbd7abdffb615712da1229cc3d5de16e87c16522591fc2c28f64600d186a03

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame CF93 3 KB
1 KB 5ms
4ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:56:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF93 140 KB
43 KB 79ms
78ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 07:58:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame CF93 17 KB
7 KB 6ms
5ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:55:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CF93 0
0 40ms
39ms Image
text/html 2404:6800:4004:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT29jatZ1w1AmDysBjr2I1W6MopN1fX5-9zYt2ez49zlopO-GyX3gm6Ma_N0gVCdBveZ3SSbNUlgoNxeV5xJYbfmhMdAw
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:823::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 210C 448 B
269 B 43ms
41ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMzd4QIQ99iLsAIY3-WB0AEwAQ&v=APEucNXTWtykSSkfnAPuH6fPsRNvcV1rn4B3IF6eVsfCn8uJSQ_bb-k0nm0CkCLGLlO3ThClFfxW5skC7qE4DY0nId915g3y1A

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 248
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3D6F 15 KB
11 KB 86ms
77ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AX-72C1Gnu_UY-nmBaIZElU6vQdXP3Mmdm4WKkqtYTYLvxspSdp10O5iPCq1A3M-QUHnCNMr3GkcW2BzX1SXdTx7u6qHOn8wajYYCRXje2nrxVBpIU5O_y54w865WwpmhGmmw0VA1S0aE8NwJ6qPA6F4JwMg&cry=1&dbm_d=AKAmf-ArFoqgy0OyFoJOlyE1ANgjj1cedp4WmbvBwNYS7mNjpc_0TRXEplHiQf74psEWZ61UoH8s_hr9cr0JwgrG3RPeNN638y5uT-FbX3hrpVSotITeVZz82DDkEb-g_CNJYee2iWCn-W0tJFoTqDYP89xFPfeG6C7rIfCdFSTg9O7jQh_jAiOkxTz8v8HDzAwVfgwJu-VmudBdJHWrQ3qJ2kuQryn8dJNIVqJisph2moxxUwkOPYi-kEIdb9GB2VXaxcIFzYoKsNhewFWo3BCu0ONHKtLXLmhktA0gtbKZJJIQjBkagIHUOOPpzG8mxocvkuBi_mLklvgf_sq74vQcv9Eb0q8l8lxuiLJCPSaJJ-MOuYjx1ccAt5iGjAI-M-SJ9ZwAP2Ok5qUDxVZfY0oKzLxgcRSKiLBzz1HSalY80Sn6dlBvky18_-TAxim9UUDdAulIRqQWPFxTX9DpGPWVh-mkGNPOrCW0gflvMY2EI1PNWU4thxQUcMV29G2Q8coVW2nLZ260OU-lf_ZXm9PB8yAywiuee6riGK7jGcFQdf0g5jd6H3HsbcyBMkgzPuEfiLU00WE5e7YhT6FKicq9JzVay6GJKcpsaAXYZ8zpzuofSPL6e6UakYqo3V0WSa6U0qkJWB17Qsd3HMKKx6T-mq1AJLxE_HQbdndLKm-9AuIkZM5mrLgsNv1Xolfcwa7VeI4bqdid9WQ770WFJ-NPREJ4bRgvaYLOkJYqhqNVYvYs_xh7Pcqlmz5_4PF-D2wLK4eoT-__wm2yzyxafV_sOnKddjPSddxKt8Vh15DYWIwC31I8XM6uRuuGheHJPYNx_DnBrecmxhKzOZ9O_mww7ywO2sLmnjPz-74ytoyCv31BZQyuevTZb93-ddCEr9O9vQfYlx57mYzuK24sHLliV5SV5H36SwIj1W3j_SYJz6VSidQ1_K5a5mUGYvt4Xh4MP50mOH6qn_vYW9xo853A3EGE5xXZocPpadxbQVaEWsvtkPDD5HGHT-bw1SDwoShVUWAssa0f6s8XS7u4mwg0UUK0p1NnZMwpF14RJMapWDJYuFJOf3N2akPvYXn7QZd_TfLdaMhJ0_wbB0Yj35aVoDOkbEfcBlAVXTSr_Fec1rH7U1iFIQo8_K3JYT8sAR_VO9FeSFo9QtYTXOrwpB0sVeoJAoMIbdMwEeyk21yvYO8r4swi_RWnRATGL61xKIUMxb9148NdOVivJQsSU4wiMdZ7LtDviIL_gWOQBCFoRZEeBUKp1mHxbvktBsLUIWkAOP8EdJwTp3_MN02Yr1lsmfXQ8d_uMSWu-7cjatE5OJfycs57eKzmF5rkfI_paTmf11qzocg6oyY83vGuhc-uihkAs1XI5HyNWxWepMu0Yyg-Iowhcg4EWAOKyzfo18WTxEWmkVzGKnC_8-r3R-OutiCo0o5FkC_iHYlaBc6IEW0LJsQ5t8hxES1JkTPZ-C1EIn_p0oi7kEZE11ysRd2UqM7TZD4u7Wnzkjf5JQD95q0nEuyjkq2738adnuiXmamNRFi-RqXwLzsyxafsmVsksreAJmflMSU5L5p_HcaV8VGxHWd4iV3U-QF6d3FBd8OMyp_EchZ1V6yhl0Ge9xQpt1T6l7PW4cXjiPyYgzSEVowIkmNekFB9eoflYnMVd2m7GHxYhErod4HIuWshVXD2CRSIz44dk9N0uoPn1jotFas-cOCSj3CukermARW9J9tvg0XwGVaK1VF_gqSY_orQUglFWpy5SD14Ol5iRwkIeQiFudpDtcwGAKSNWhosSnRh2CVOvyKKI-YZ7nFr3hZ74LdkLE5KsGk-lAHiSSZMQoqBf87kU6BInwMAkqHR5zTODFWq1o-JUlyvtvt1FwP9jvxooExWZvGO8NQjWNZQTTvgqFzFLAS5UuPNY3wjKho892cvRcCtm43MtVhYqpjhPzCffUZCBQXUkVg2mMHKmp4Z5lcEgc5F_RAStYdghqp30J8TrXxJjUJP-CAbZWWRg0_ebdFz-AuhaUBAW65kSfyPEQ-BDPdALsIPPdCmV-SdAPB_emzrLMOhHpstyZcoxKlHtGLnTMRZemH45nGk_arDDJerMG3424cTgDRunKr1UseBJyu76YGoJ_mtdwIICwV0NOlisOZqrGrvLc62YW2-BhwfdcAsiPSePBVBTWC4-XwF2UfAqIXzHfsDOh_kyl_Lo0bpr3K_vOepssBFKKdtOe2ddPQDs4BBBQu-FbihK2eo-gyTm8BUIzQVhdP8Qbddop_JnlsiKEKUpv5gilHd8m12pl8Z4DKVKFXlAte9R2MJbqyUWHmRz_JErMqIfAcoyt0wlEcs2e3DOEmM6jxwtc55xEDS43t4BhYqmJZF_D29KPwIguCy7oBRp4-Z6gnv5qQeMdooUoKcqeUdwk2iAV4afX1JBk2oiWrlbCfqH0X5R-KxReL-HdodWR3BysM6YS8DYU47UtVDFdQNM1h40nahp1FibizT38aO3mB-t4O_F6_PqrIjhHmxhHX6dR1MVWYxzrSMDLKzsnWbeb_nDfN1fWKKwBnthZ-vEAPUdZergNJw4VbdZtHpSMT0roHZIxgk356OewkVLw3LFsZIIxIKSSkYIpILxGwHye-GVr7mw-v1PW_jt_1k5GUmNYz12NuohvgXynbkf_a-UNsGtkp3hgdYmOUR2-jZVOyY61Un36iO_7gxio1gZba2WKb8dNWOJWUpEhiFm2uWsRfEHFE56dQlqjwApsYNOIZiE5iOXurz6VpJMIpgPq4VrI9kuSCi2ZDRSjD3SXFkqjHiNv5oMjWKgjg02UwnwXjJMjUmCBGZ&cid=CAASJeRoFAPTEs9vs1Rcf6Kdym8-UW_3yr3G8p-EiTVkGusSMjDYPz0&rfl=1%2Chttps%253A%252F%252Fcloudo3.com%252F%240

Requested by

Host: cloudo3.com
URL: https://cloudo3.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

222d3713af155825ac68cbcdd54b07d656075ddc59e200a93515407b03159f96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11064
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D6F 42 B
63 B 49ms
38ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AIU4FUy3xK2gwoqw4r6I5AQ5-XZjCtJchzdDkWVPjdoJHxSEwrl-odZJXS6yiLxFX0-q9FcFCmWgcw7GOPWj_ozZOUVmqssw6y-OvvGkU9DMctNxs

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 3D6F 2 KB
1 KB 28ms
3ms Script
application/javascript 2600:140b:400:1a9::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11025772&cmp=28270974&plc=341925104&sid=5795532&dvregion=0&unit=300x250
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:400:1a9::4469 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:22 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Jul 2022 08:29:57 GMT
Server: Microsoft-IIS/10.0
ETag: "f8e0a365b799d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 3D6F 3 KB
1 KB 14ms
4ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:56:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D6F 140 KB
43 KB 79ms
68ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 07:58:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 3D6F 17 KB
7 KB 14ms
4ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:55:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3D6F 0
0 47ms
36ms Image
text/html 2404:6800:4004:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRpaA6BRXKZeg_9mTKF0DH45g9pwJ3pufwZs8kv8bpsHHpCIPK4sVwKE_Dv0EWcxY1wjNpUrUIp3kxMnesvO02w8O-aEg
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:823::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7B4C 611 B
316 B 50ms
41ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxCfzKr-AhjJ4bW8ATAB&v=APEucNVlSERMx8-ki_1jfGSzhPu-LvPyvTpfdz0w4wuIcc1Aio1MHH1tiPxnGMTwC9BBm-IMpjrn2Um8DCNNpnW76lt8FOeafg

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:58:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B413 15 KB
11 KB 77ms
68ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AE0eUcNEemuqCKqwU9XZX4WqHbxbQPgYgvTFBXxzWUNM2jhF-yYQgyBZcMl9CUdfXyCOwJjDJOQ8aG_r9NN_CXIMpqXgG9frWWYrmD4GA7kLBomtJOWe1JpJk-e2Z79r9SxCIQBxyWhNZQwqC81BDjqNVO3Q&cry=1&dbm_d=AKAmf-BrQHs0DsJbvHD3kgDJQLjkwvkiQ7zM1sLtIb0pZKDxsMvvmDkzyLhKsynETMAuwsCbsNoKa-HSRgQHfUexOc10zKkQ1X0iljC8fevj9QqMcMTTGvx4Uu03T0B7-Z0FHUoYct6Qhn6kjm0lAeubwcE3_gmwqJDZd-8Tp4f_drVmonhqK9mtj2cAFdrdGwwFl5am5TqKnJlKiUGH5YDh7YVQHltCVHDvVLdWfi1GF2w0wKP3ABf_jMw2OgHAnrEnE-BqMUJ_u2-JlZwRD29PxZW4UziTxAVexv9l6zuB7xQ46LG01tYi9CWGeSksAro1U_waXEold7g448phgE2IKsaxWz6D7iNBPIWK2XHJvn6pOsYNqvc9oC0VYFr1m5_na9XOpHZl-Kk_D2AUuTGzyd6APavvM7rpScFzXuFKRzC8UXlxPeEVJTRvLj5e1MPLWzO7x8nFXft0IsIv0BryOuoWFjntJSjMy5a0eJKTsbji1-tzBBJyxycgM3M2gZP6WjjEWxJvx9e-2N-hLzuROKlJ7M5suPq4ZHGv7jHy80JVfZ-W7mNqCgwvqJ7K7ORkd0-ibdqD7Sgb4XT1woSAh1K8G_-kFnp21QREor4rtZHUAG9vQlVG5QnZflug9RV3rwuBXWfLkU4KIXtfsCc80xZ1fZW9AkuGmtqyneO8WdZ4dn5gj0wXlYvQlTmR0dnB-jtAqjObwVOWgLCKGaVJ8cB487KTAec9TpFHFmFJKORjYpSu2F59LIyWyTgLyS5x19M4RoaO2CkDDFtvQ8mtxoyGD-hY5Qccgyfpqi07Oy1uFumSKl_Bi9oQdhVyvtX-tLJKobEvHoHL_cuppxvUki2vfHVg_vzZOeaS9yNr15bB4mZmuinjyf3VIPIDAfcxnzxlb_ZHDRkdsbtrS5yheoxO5KpY5Uaar9W5JsVqbUu-0o5nPYFeh39XSZEtMdiSd6054tu3i1bVvpog1DPd5_c_q7gONjiqmGJ3ebP_QGeOa_2HcK-_IoujJwsKRKsJQPE3AqIwdqru5KXe8US7pW6QKXOVsOzdOzrxXK5hYWkQv8KgDdXWI7Pb0uUSpXB5Cf3ybNsth53zh3xXCXPC26UickKweCBKDFU7I6dki3fbg5p5NBAY9YpSf7gdAa8XtcAYg3sseYbPBjUt6JRMrROW4WulsB-FkYfg7ala0gLHzVr7G9TtTixdm9o_seJntQD23laW84vTPJLnkp-l9b9joYRa1Jbo_B8bOGD40FSEIR1-8b4T4u5Ajvhyd0_T6uiGoYd4a_UbPn1JB7nVpys0lWivCBkr9n7mlkXX_Ou5niizuoQtqQVRiTU8siQHCs9wkrRsaWP3_N8DsPfNnpiJ-CcmARf3m8CrA12R-v4hoSYfDRKPIaF3Oe2218kklCzSh-aeuLG8K4x1hR_sgv-rbogZnp9t1V4CqHW0smraMCjRRKaDPRPa70ZSh0gDZVpgDLcdG7vNP14BsnCzN8hbG_d__mS21eLzB8rpAs2vuKDLdhezpsdXISUtitL_ez1u2B0i0HDwOc0mVvEdWn4ychWCMD_NmWMGFfz9xc8SwkBfdkXZmJHHWUc0vaLlLx-1rtRIpnZSnSimrxGyuTx3p6R9gOMqNcX3a4EK4Cpa2r0-e1y9y7-SsqyRsEkjFFcnKCNLIxcHdwb6R1ASWWyCQ8xVyzn5M09UJ460zXGZ-S3bp4U-h_oKlvxlxAF78NwQwWV69MPxklcpJs2KrogiavnzEX3QBbMPh4FloTbaaPmdpiHCbXKRH3zC8puXm2Oywwerfw2PJ9DTLSfFWq1ngxWpRZWZKQ39gj9blqjnXkymVulySvXDOD9-6jeHFpoUWbiY98sye82YWmYnkUueYfTEIhGMncPx85NcUMZrE2UemjJSoJdnd5ejcZJb-UslVfkly21dIQCF4dad80XvwfwHKoLLekmKJEpER83WDaZbIr1AGP5f04EXCiWDzTu8RFKI2gtvx26b9YcrzZBbR_HKWmAoPkm-ejnD-kMRxryI9OacP7Nbi8mu_lZPNJNZts-Eqgb26P4ONbtHkLzvnmyNu1B6mfrKbujgJPV-namzactFVNffr1JCauApxhRVLwI-zAU3ajO3prqPKPnTb6g4OyzbBJbYhHI40RK1_YUZPdCaPlv7L6m_yu5EYoRYRskjlFipkdX05lKXRgHvS8cAOtRMQNfIpCUb3AzWfA0Ho4zGgInviivL5JBfvSOrhGf-aSBc8sxhQtE0VOzPbfeXFMIkIIHbxNv9YqtIjBe2yr6ZZ0v-F2RNcn2EfJWstp_1xQDK-zGjD3z66CG3ORzXpTU1KyJqFAqCKRcyVfx9Zs6nDXlJxyaevDHw8JV_aUlYBxs476xt_qKkU7lLUOCEzSeRiLX1s1Haoj9QKUu-_UGg9vocKsfqomwSQykuTVh5Ta6dftiRLZqhB82m-Bh4y3d9wNP6JZOS_7kUgam_jG4AdA98DBMju37wKdimP5_gfPf6ogShcMs8twegh3e6p7NSXdHKxxnMJy_ZRHF4jTHF5JTyo-e7WJS1R7u18MkjU4KyFXcyL9x2eV9trehBhR3ief1Qlr6dAvOIp2SiJ11sEg69OiyLENIExwlDqFSYJ7X426DtOuB3zImKWdVmjx1aBat3ZphNF5x6ynzKxVJF4EkRL5Wvo54BIbbrLeZvWv3E8tey2gaj9L_I2pfgm8cHipvAQg0NdQx8D4YhzJLjqsgsD27jorrY_qL1oMwe0Y9am42q-IEAJXcMkuALNSKjz1-4iVxcpJh4QXBni-Iy9lt_eIGbyieGG3_sqi-8Q4t3nFbTAQH02iDrASADnA&cid=CAASJeRo9azXVw5dYTQKQk3PyyJ70uyGNDqqRblo9WUU5mazbpcmFh0&rfl=1%2Chttps%253A%252F%252Fcloudo3.com%252F%240

Requested by

Host: cloudo3.com
URL: https://cloudo3.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f44da5202974da6ca4256e98012d9911e392b90ab3e003596efad5c2dd710bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11179
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B413 42 B
63 B 49ms
40ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BlZb9FLn6rvW5YKVekIK4aDW2Kz1NiyQ0cw2UviTimxVkaKSjyHHdNezaXjCS3UaWNBeYdIfCtqUIz8FqRO379xEU6EEl6bI2lS1vhIhdpifGMxFM

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame B413 65 KB
23 KB 299ms
100ms Script
text/javascript 142.251.8.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNX5G-V84DD-JXpew00bi7gU_VnPhkBybDa1Yb6O2TKPou-37EE&d=CokBAKAmf-CcPw9OLNwvgsBZZgwyel2SomfuIUviT0sWCI2M5uBez8T0YP1vE-Wv-DieYF_t6tcDRy-GIwIGDgTk9_3lmEpPnNDJ8QDa3GaEhSwR5-8J1X3gNWfWaoWY9v0Fq2chctKj8unMDFbkmPKHQN0ZuwplFcVXEdDNY6rFXPJAHd_GvVPTepoSyRMAoCZ_4H00YO9LCnzSBpJg9k0xPWvAbawhwDqfRdVzhS1vlDoSMHWpUkNR70Evkqgl8t8AnbApaYMHW1U_KIBgkT5wclt--1pcTsg304tT5_Nn_Yo59viWdenx1PeP42SXNZdaY2fo8vSTRr-bfUcr6FT8SR_2o8szfm_giTjxBfAEFfzE-Kw6BdTJgMqnb9zxIjlDcm_ETyZgFzpI7UDa_F1Uuct4LtWBVCNsJ_JWLhzhTzO57pVZvEZCYxpLb8pHwunmArvTi4dwbXhZDc3vgTKyjj96-_IEC8dS29T-eiflDniWdxBzCiz30xHDe-037wq3wHXzEgFX1KTxO6g0vrCyuCwCjTDaKsDkys1tiL_-b2GuCBUW01Ldlc5_IAFtb6lhsZMvZf2CysVuapn9SJ4SxHwfbp3B0UCZnfV2XeE9fZwNZpbNVOfwhS-IJUpPgW6Tv9v-aAjkd815b6eZSEZC1Sv4RMwiLJhqx4r_MqAszUwhhSZGvY9JpeSrVf7UrilujXuol434VQyJjipjWwC2uFPweNj4dtw7zbt9yVWAxSOK_WDW7zvSjl7tKV9X6_TwucsxFYtwyWaGcJGVHrNbuvYr1x6fh1toBiYkBc3dEs0QJlr1z8hQ5Xb1iWD_5aGhiSIMFvyi5dWJwROSOIalk2T_2_afLcdG9rGhZzIsWLkRVzAqrkrXz6FCbKXqsxnAq6PVrshGBIGQMndwSjCPmZET2G1SyI_5mAUBfryewwmjnV7Thj0lL3eGyao9bHn0zOt64eixgkMaiek5pLnoaNs3eH3LnKWEsw-HpuavYFTY5DFAcOMbh-3b5tePByE9HLNB0ANpWi1FOZImWGT2BTL-v4o5pIekK2bOwlCFieU8JyNgRQELiglr0rxDZQ1eQlc4phS2tuB-6Jk5fhKdy0DCWDRctJNr3fehQJlds5R-WC5w5kcy_D6G5K8JCKL0oPx067BaEtqsjlfX4jA6FBJvLGVGUdSivrTTjF7ckrr1u7jVx_c05ygWIZzQVDcW6qOBZ33aknmUyqmhGVwDGjsVdRfj1-a3l8ry0GghoBfcUpxhaOji75NI7NT_CxKXNPb0CHDIkLWqdAqvCZN6TbmvnSEJ_7h91APOXHyGlWjNpAbBFAsqkYCCILQHAf0wOZdYP-9_wc2HDt2pYQ2-4AqCbBNSo9mBdxxNR1bt9TnUq9ze9oLWW8fI8Cj2patDKe-zuYiyfAhEJubyNeWQdaeTz-m8JiYSJeZQfH2Ma77bMviLVwv8sHohx3n-1xWew6zLNC85S2Hr5K1J7Upo9qMG0HvasueEvJx6yIB9qd9Wm3glbPfnxoOIMdNgCkJRl1NGCDJTMgZiR4klOE5Jk3vsPWgtQqcz7d80PMqiJwcTvXQ_RZznFyaxjhs0rY8gEEuWJL7JupauByyFnZQ-JU5sYo1V8L8sC2KqeXt3GTllu6BD117vFkLiWjh8BM4_mfDt_AFOZ6JFKOIGqR1G3DNWX1vugLsjilCuXMvXAR-QcH8GbLuoSIu1epaJP9MUPCSbhRnVuE74ra5QDpb1J8OXrIn5dQXZVTU-UpGXmiVC5G5GuxW2F_KelCDA73TCSid2l3z6W6VDoh7C_f6by9d6fe_ha0_eC9AQXmkKOhgMWgQV6QRbHnAMTYLMgr5Fpc71j40qeVchVJEFdelEHJ-ZrNWDOtXK8NC3dfTG2BuaoYvu-_OYQLczNpW0EJqwX5zH5HAq7RVJ4Qrkqx19eGrUvp4BOAnnJ_qtVFuT0yJK_IsANj6MSBR5JV-XJVGCrJ9mMmds-TxmnZdOvzZjQKtLkr0aqVN3t6oWW3WpLBEC8kVUPDRV2Qcc7TuTQEuBuB1EN0N0jquxqtNWhG4kR9OKDVxVe175piwTkFXFEphAn50Clsg0vLvZjCeErJQ_NIF_uQZLmZHFwMfbEcfBdSvAWvbjojuuCd0_-rmkiVD8-Tqp4rvcLtguskNBNo8qo_Y3e0Am176_MsNfgfxhOwtD4-PB-S4tT_n1e2Wjrvwv6N6xyiFB7JDrhbTb2tCvI1EP3mXjG6MpzVc-xlPyImq3__wO5jyHbMrpcLapj5MoicYEaq2eUGPW6DGTX-eymV10UZJaR8pYPt4m57PlPhjiWo8Qt3V5sH6NeQsxf5Lw6aHlwCAPS8bQSPoKtKmvhrNwYqI1HW-38-xOynI11Fhxkb6pB0dHNdjPwSb5Bj1N-D-_fqaxi66elkDhCbYjRx61g891krWdqES_2oqBiXYr4mFGzDCT-V7cwaAgVHfn9cQm79VrNhYjYouSfYVxB39Xz7yY1H44Ek--yNWhN9d9pN4F6eidfvnMp-05hvIDxnPkdspxisDV9Dh02WKACwwjqfaQg0wet_EHWvJ9FBvMsnf0GF5K_SA_zbCGzYCirpD8vQFXO8-7YRPViQAR-RMPO6tLMNjoabOCaHj12CSmJZnBK7OqQ9Hv7Mx7CYeIBILbAUEz1ZE02rUAJ4fluNpN3AGhNfE5Slz7PdsiRIfWJ0gVFmYo3R7GC2vB_6ifEEJYASNCXqSr61kIbKaYXp2dIiHKDKB671FaG5YrvlRFqrDhQ3Za13oG_p2hZgok9K0YAPZaSkrzRuGFNMOuTPxMEj3iyIKjCReE5yPhud_ZuZTzJCNR8M8Bn5VCAl9MDHYppnRlIuc9qRJBQMvoqosAYEP3pN3-M6meom8KFy0nBzeE8ZNTQ_CAGjR_ZdSLyO7CwztuKiqIzF9wEFEBRNa_9LnaWeRsqGHnLSPvO0m0te7tvRjBTx17DNy9jVsrLMOa1moRVPCXWgMaI0el_V4STsiUBIBOBHE2suOygQZlF1tMozhU_a98ViKTZZdC9NQMPZVQlsxUO3oGyiHng5HIvUCISbAV6FsfN_xwoWU24-5PCUKo6VQWa0oja9zAYHLYzVub04OJ8_YyWm9KEyPFd_4DEmp5KGAkRwqYdNce3wgF4M1eVUJUnbp3unqAEamAisapOWjjq35EmwNQKUAeEGn5Blx9Qc_oJp9KN1MXrTpL7QgBt32ZArpfS51Jpif0vxEdSqFykuk01ga-ieZuW38GXKRDs3UxQlRX6IFmZKFn1MRzySRCHOQZVUPVLbpsWBSbSB5Y2C2YBYW1gdh9oEXehHNtE190z4Pm-6q_WM1cBQiiKHC9Snf46E2wB36P-avTF0hNGzaYxqooOP6gppJBLT_4LOOmjyL6HvZMNa9Rcnyfi5Q-Iiu9B483rOsu6ouiTaCzQrfg6mu6bN1OciQa_FgbQq9pIvHmHNBcyt0i5jNc3F9Jo-WD_x2AGFcCoglRtdMqT0XaV6wiS5I1sY8aKQgAEiXkaPWs11cOXWE0CkJNz8sie9LshjQ6qkW5aPVlFOZms26XJhYdYAE&cry=1

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.8.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-13-249-167-66.nrt12.r.cloudfront.net

Software

cafe /

Resource Hash

42f6308f065b8e361bd1f22f093b06e7ad6a54f8664ef3ced165ecdba7c505b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22792
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
choices.truste.com/ Frame B413 27 KB
10 KB 196ms
174ms Script
text/javascript 13.249.167.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.167.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

68f0b0472102dbbbc6449cf76a63e782bf4fa81f02aded972262aeed271deb46

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: NRT12-C3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 60c50cffacae235c43f510af74c11cda.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: CmAFEWem6QmBzCdu_qEAkUi5EW7giwd-kncIwMdc1BcIuH8f1WxTyQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame B413 3 KB
1 KB 11ms
4ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:56:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B413 140 KB
43 KB 119ms
112ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 07:58:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame B413 17 KB
7 KB 10ms
4ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:55:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B413 0
0 48ms
43ms Image
text/html 2404:6800:4004:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxottANvKsy_a0UYYe-QUfIy8rXTCX5ZBhxOJU2-kz9ChNXsCXf65c5QW-2vAXCfv89nK69dWVb2rUaHgHEj3w10W_VA
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:823::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE5F
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=YjViYTgzMTcxMzA4MTY0ODRlZjU5M2I3YTY0ZjlhZDY=

170 B
188 B

88ms
88ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=YjViYTgzMTcxMzA4MTY0ODRlZjU5M2I3YTY0ZjlhZDY=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEYz5e_zwEwAQ&v=APEucNWKAV73yMdbTyeSAK1z4_STVX5w1cnDdjxpEOHXSjPaXvXLU3L_yWOz23D3IbZseA8FIfZPuwiunfEhMpY7fngOJERT0Q

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 19 Aug 2022 07:58:22 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=YjViYTgzMTcxMzA4MTY0ODRlZjU5M2I3YTY0ZjlhZDY=
strict-transport-security: max-age=31536000
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200

beacon.gif
d2935610468529733707-t9130604359672486128.id.amgdgt.com/img/server/ Frame EE5F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEOFhEGLlKUBNWcIF1lMzHLk&google_cver=1
https://d2935610468529733707-t9130604359672486128.id.amgdgt.com/img/server/beacon.gif

43 B
283 B

320ms
77ms

Image
image/gif

50.116.239.150
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2935610468529733707-t9130604359672486128.id.amgdgt.com/img/server/beacon.gif

Requested by

Protocol

HTTP/1.1

Server

50.116.239.150 , United States, ASN6336 (TURN-US-ASN, US),

Reverse DNS

Software

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:22 GMT
Last-Modified: Fri, 01 Jul 2022 18:27:22 GMT
Accept-Ranges: bytes
ETag: W/"43-1656700042000"
Content-Length: 43
Strict-Transport-Security: max-age=15768000
Content-Type: image/gif

Redirect headers

location: https://d2935610468529733707-t9130604359672486128.id.amgdgt.com/img/server/beacon.gif
pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 29BB 41 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbTY-qC1DKM1nbw3xBZTvLfVr6H-l70gwXqw7c9LLl1PmFmS6uVw2q2qU_i4SSk0dXMmdiYohgbP1KMi7ghqTC3OWrbVXbudoOlM_kyECfBfypamuKSQgA0wmBquqGhVG6a7-GpRMtAYK_-IRQjGqvXYRRlQ&cry=1&dbm_d=AKAmf-Cbxy5pLYZV3D4kSSOb8yko-EV181kNjnv-eYEfvV-Bv2NowGOx1kANCtcrtrjj3_vhCsPkJHObuEcMOyFWK5C3YCaEqKn09Y4RVI42rKnAl6VogVIWr1RJpQGKUHL8UR5oaWsE1ScDMSZ--TRdV1sHRL7lJkynMafiB_10KnzvlTCR1rwzUC4NRDsAWUd-H9NJyLGaQ96X9jXrn4eINcovHUwlv5k_3NXTq4KJXO2dHp9sl1Ju9VXVQHnWlR-NJnJ2w0eyzvgm9I2smRMGyW_VpZhYLmZrqpU24On6IfIgsE9tKfYWaDnWG5tEWXmYsc46vq4NjTH5P4P93LsIKOKZIFzFPSlXopky-AAAXhtca4t_5t_T-wEuTchzROf8hnxN93Dfc0FlKoHJKB4I7XuYoPPdDLQwZ59ovYg8N5u8hahSCfJAJPCRxt76ZS6LDDtn4uVCyqwWSJzPxMsbTNWDYVNir2f7roAqEWLRJDgH1DMNLk0y8N1tvPP-o-IXrZLVArJyD4TgfwIiq4kXhY8SV_VFwfCF71h2a_t6cPXfD6pIFQbT8yPUpGsoo3SZAhWIwriNOJFdK5aptAB4AhVMpO_yH9NfPfr_PEDkHu1PqC3xTXPlzJWzJecKWDdRpXUIN9Va4_oxyszUEudBjQvm-Waw642yjcRyq7nCN9eWDeWIN1hSH9SwrGuvuHMKwxsmUahYAAn7C5cpBX3FF1rn0za_9ttsYxyGy6O-Z-xHVfCeaWG29MPFUlMKPcjF3qfKH_OhKlvC9g50JHk_ntfuhhqW1xlEPq623U2IZXzBUdzmgIv_U_uJ45Orgd_TBwSjDULhVxFVb4hOTsiDfI1voYSXqbhlRMOtPjdxIc_b1-niGZKt9l1shb6wQo59lzkhWTTSEithr8HrV_l0VywNlr3iLGi6wfS-GgwK_a5LbAGwh0SVMlOkP71-jnYzeIC-ON-_Wv8mDNdNn8X7ly3XpaVgaixtdyFHE3YF8vLpGRuiaLHJC2JpBUN-Js9QfFBlfxoTdGCEhFyDlqtGHUiFGcTF0aG5fshOe0nE0BDKAFpyxodaU-q3vcxjXn0g2qQF1N0oV5bu1UM09KuEydZAgzJuoQgFU5-47jqvEGaCEpXNzljozkQMx8acUWu_1F0ZSPQmSJ6qB2Mi9ZtrYBsNV6m5_4VqS0kw3jetLQcWFdxNulmIFqFad8CBCn4PFw_8FiK4J02khL0OjaZ1Eox66G3hWJEAvxrT-0lEaXmk5RBHpsZ1Ts5EbsOA9i40QOpfiuKVAehYkCNnypGAgs_aHOEztc5DMtlTDNXmvbFgk44UBsVtkMj1J21mkwjXD1Q3m27O_6QNZGrQLe4yA3nqUdq79bgUS6QBSoIVFQpuiSTgxYaqBJumXpdHlBVIjnykwy-l1H35eOk17QquT1aamsMfun2H54YOwpnD3BTboZ-YpWIEx9i1D3rlCP9tCqEyxbis3aSwS6RZXH59Dwx9sc2olzxxK9hq9zojaRnOtIWdz_doUPnfJGG_Xfy5PuIXj2zAeAtSpxXguvN4k3rZZntsRD0NyBljbVjt7s0s9sr9pTBlFBKNY7uZXBSq5dn6-V7ug2XklCUEH6ntsTHq5aPpLFQOSVlWGwirej3KU10kNLj2wWX1qAxhtdh4jVOuVPfPD2JQwTuqpKYO1TNHOrLlE7RSz1JpxDY1nRJ3vDST7QVDc1jDOjPKMF3C897cc53VO90_SSjAe97g_87rthW5L1qfTEex2l-STFRZ7QLZ1hapGyQjc2zbwAiB0FzC8mtxOS4Vxslu2R-lkWaLL1GOkDfS4lbpaEy9NbURdl1CaNkutC9_ExVgiMsnlhb6azeEl8m20-prQY65byfpzzBSYtJ6a3yJj6lMnamxm_5YDd9G3Lahb8L_ByGS-7GaP9oTSI6FM0sKAirDY7mqLy9MaUFvah0sJ-eaexea-QDqCryuCPdJR5EIQCFkC3awmE8g7iaJtNaYhDj7Bjy6q98DG-JYCIpf3Lp5_uQTcGHzGMaqTJfLNObRm2GHk_GnAtpRKBo_CUJZzha4EqN6-wDuU5VDXKYYpacWEtPTSWTKib4Q_w2TQrCP9V_La9bKtSyGlpzpBuOYwHIJaSR9_sD_aW_PPyEwOSEJ9k6Ij8HDTSZ0y9uoGEyZbayLuFDtFAV6Z6wiNnlOzQJ__0s9TKENvCH8DZZ4es6YD5pTB-iINF2-zMqpX4DhcDRpQtXMLlYrH1KUMXDxHnXyughZ_KdACs57GZmLs0FcTcxMAvMZKs47_KKyI7BFkaN8wLtxIeN16k3TZLjKeyMm8ruDMWwehdIzJQIfB0t9wQ-6Di8oKVEYW9BUN3rUTuqbCfOavvKKqaBQBA3zj2BPQieHX5fQ2aWWdn-kEIdN7rsRRbKZ6Y-_VX2pd_6m1FPBz64lLhitlU1qFoNwr5OC5mm08S1rNQsGS-vfWmOyugKWlWE0xpiV4AjU984RoBZizDXhW3kxzcSZtHOH1oramJxhs9WQEPC6-C9nUT6fjq08P8zFVxp8NlFgGj3p20GgNh4WB8USBig07jESCmfoHDCBHay-ixSylx-2jlQL9YNzycuRxCICiQrBCcHxlPfmYtTHr89Vwz0p_Z8ZMYnuZ6Wg68ljsCaW5wYXdjGJKgCJC5X40QboptAe7CEWRUXhHkq2QqqsrQZdf9xr4j4XJgdy2CwtOnd5D5eLHszU0iqjVtsIlP9lRRonYaXfo_ReLiMwFqnt&cid=CAASJeRogwUZzX1wrEddITRVPDaktf24qM5RfP1uIT8uS68x4qIdv0I&rfl=1%2Chttps%253A%252F%252Fcloudo3.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 23:16:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376936
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 23:16:06 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 29BB
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1109672/64802888/xbbe/creative/adj?p=APEucNVY6F61u6bWGatYAx4Sr-wLBOcCayL3KKFEg4Rxqy3m0ZiU3zc&d=CokBAKAmf-DX8HwDWY9oC-7MAQwYZV6QcSarBpxXfSsDvZ7RG9SIP87xzXbhtLq...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVY6F61u6bWGatYAx4Sr-wLBOcCayL3KKFEg4Rxqy3m0ZiU3zc&d=CokBAKAmf-DX8HwDWY9oC-7MAQwYZV6QcSarBpxXfSsDvZ7RG9SIP87xzXbhtLqj5hSx8DaTC3n-4JugnJF0NwLTg...

44 KB
18 KB

244ms
151ms

Script
text/javascript

142.251.8.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVY6F61u6bWGatYAx4Sr-wLBOcCayL3KKFEg4Rxqy3m0ZiU3zc&d=CokBAKAmf-DX8HwDWY9oC-7MAQwYZV6QcSarBpxXfSsDvZ7RG9SIP87xzXbhtLqj5hSx8DaTC3n-4JugnJF0NwLTg9oM1-ssCuPZf4_CvXECYMHZ-8XYQmSA-KzQ7cdRno_seb3he2D89plMznJDGFLgetp01_bRliIwMLWWR_f9l9DZk2utP246c7AS-RMAoCZ_4Di_XlCcLPwJKNHOvmWulK_CaC56ZGQWDwOgQkROxlzJBO0EOTT7lhXNRXGTMh3Un09RWpm1xzm9dZPJlGDWdI02SeSo7cs_HCMDmiju-lUarNwKNiyDJK6fLAMUtlAm-QYaIw2EVXNCiXFk27zUDononJbJLnkCyttBswYS71Czb89NL7LcDvV-z7ffA6cAQfQD5iqI3P1SADv6QPvTuYXLJuZQoFoxTtzTW2JxQ1oSVFkpAJNcYFVKsbKDZUlWHKwvICZO7FV_QpAn2SnQ8c0J_mOf2xzxtsSv2qW9FcO2_PUZTD4LL2WSKb61q8D08gXvG7gx5gXHv8OUyY0bJYXoph-wqLqQz31ksTlsKErdFRot8kvqeWPk5A4U2RIbdx0gM4yukXgJWU4pDCN-FwWMRUSQxFjfSF9i_RPIHWM1-rqkvOzrWwu1b9w2tDjPH1p6GIQBm42x775mb_cPBoGJRiRcsdF_gXrbld1MidqYJyvKnquJ6DsIDPzmXm7yHrg5ggI0ildSVmfOwJlNH6vKjYcm9J2jXYyilIIrv7gymPlwTmc0ilk8SGl0t1FxdWkONP4GgmjdjIBeq7LLUpTexDaE_1vXGC16Vy1ZLzwKCGj78QjnCGZ9OmbyZDR5PTz9lN_C8o2u7M7bDz8ZsZ2-WFjDNrtTtUH_kyE1vQqY_9-x9cGPUC-iZJB6x5QhVDRhBLnWTbnwzR8qs-gklMfk_u01Em8uGG2opHEiaHsjtePsMjshZ2LvohHvakocfGci8wjNqnwTkxNhARUWgocdvg1D6ObH0J5RDDiZMdgZbgckLV5zMLaFe-pbL60VpyS-zBzQbOnGUS0WOaU55qgviK9vB3dUIcRSfXjrN9a_msw_X6Yf07gXiHVEjvggwh8L6GLcniAGFZsb5a6t2GU65pY7AtDKZp503cJei0OI8I26NHLRh4TgT8OW-vKgA1ftSSnUTnvoHlHbvNTLJbfZ6DxRZB3RkKU5UUSYz2ajcLo6XMsV45wKZ3TNd6RRXBrI36wO5h7cf2Ii1ghdovK4YNmV4IqMiQPi46DHpzerwc6Xk1Fpy12pVrzN96xKBXnoB4mP80mmE_0yLfkpnfhzcvEuwFhXf7eRgatKSnkXFWq9XmszHWs4927zF-3w6SrWHKsZxKBt2MKi4S0EVcFIB17MPHXVDB34xmurfGkn_LnyHhtx4tPwvMEmHJYXSpAU5zpyXFktAeKSwFtck8r1iEj3LPxFtMbhFcv71EWX0BmXot4w6STVl4MnPR09jTtbpGn4IFRovHE7IbnYsozTZ5hBmYHnIWbsGtBbyUsBf-7Gol0DScDZDA_OgUjj6TjIuMcYpfruyg70fRXU3RqKA_gEuDLPZiVQiMPsB_CGL6UzE9CLwvhEdxgKG3Yi-96oZoJMrMADsJ6UPUGkbCt3FAQ135ve62LB7PLD-Hk9mYFSAYZVsK3ZCL0DV72BzZA_03Rw8JrAA33wNcSMNfsre6e5bUJvIOmGvyIxuqR4KvR_VLDSAul4_6G1gR9j3UayhG9yvDzxmzpSXf0sigD8KbjNPNN9Jm2hChxWo7kh6_5Zs2laQPP0PD19NNZMuGgOBa7GpjRJEo0Rctt0w3x284G_9KdYYk66grJU9ZK0KEmKhEBJCYYkyBfZfA1owzMgA_GF5qjEZAcoxDqql1G36oiRcxVbr9ima-OfuMUB7NZWJrOw75bcxWAp1HLHawFiRq8jZVxlZ6qMoWjQcDjg1eyxrGgWR6E9fVzeGr1xva8wq4p44M85spbB48MLTh2MiGY7ujGbXmy2wOvsCg3kppO4GKaRRsQdD0mS_NyTZ6ttvCR7-P9leBag3d8c5JZnEp8Vi09Zaq7MrNU0DyRaC8LYOakPhc_SiOPf9BhGOjykY5oLw2FD_YROJL431KiL0De_jOy0d2BYweUdi1q9Ec_uGfJFVEB1FqtXCKiMQYH2iEs25-psO5JNZfvCMUgAa19LZx8iCfewYwiWNbRiXMPx0wszKQvERwQBO9oaGhLF8_2q_PM9hTfalTfK9ejCz9JoEG8Aolbba1q4W0i2SYMh_3Tu4jtAA1ZUSWpuCehAGCfmdUJSskXzl0modS0TGB8cw5lRL4AejsomdNrd0RQlomP-0mBk47oWPiQfBj0eJ1Az5ZkIafZSuGB5nZGcYkzUN2RFtN9V113cL5FAqXI9O5Ncg8pHCTXWRlrLqh8PybHIH9T_UKwlfevC9qsKixo3hIoUFyhxfj08WRLB4nbjA9ELBTmbZMc_nrfqBP8HhCPPbhd9mH7fbUjVZKFC7ihGUr7WgdA8oPSHsRHSsawFOjh9lxWERSoSkpzcQS_-gQeRcibL0OfYVSxiBpXlV1grWtMXA_0i4wuN9EzLg47_vJZno6boqLOv57cNKV0g0G5nnFhMeNu3oKibGQf6LkX8R6Pk0Dvr4tkVeq20GaBXNt0eh0ci04EGtR_ARuxlUzU0gsOVEoeaNKqHj96WWbFw-BOnvgmlKbKz7ZVEOlx09E06mEq-XTJY4CC4sH3HWOj2L7-ZJCZvO75XPul27vU2aYTzJ2iu9CEEz8446nA6z8UT15I3YsKK0sCjRXlzRa_V1ZIF5Z3DZY4zwtWzVq1ciUr_DAut5f1ZcSDn-2aC6G97DJW-qT0KK56F6Hm2In8vnLvA8nhfD7ZvMzurUoZaikuarZ4l15l54Ws5ppCqrYv1S_FKWkmhyuN5wGprasWWAYbSrEk7v-Y_JRBCZf3Wo5B1TXnF-5b7iT9r3sFVPAtkV-O-0I4SrO86tYEfqGh-UEdI5n48iJGPZrNlYHxCAeX0hmw_5HYOjERG37a_f2RlgHQwJH_jJfK4OQMi8F5GOC0IgLr_2ZVSIqlf3hgwl_ppJjEqvyUxffyLc9jPkmr4JgUvF7HCPsOTAzZR9a66hFNZPW1XojywE7ve698EeC_QAM6bwXcK3-09PbJZwHUemUE6zj1SyOkE1ymyZhB1JVMnI9cNew_QXl1oOlJUy9P0n1pXq_608VEOZJyKGBoolnacHDA7uvzI7iCzAF5nAWGqa3UX5Kp1qzbyfvBLe3AZwmPfMzRD_23JV1EcrWf3epoZ2TPOYUdGIXWJfMeD3UyCFJHdEtQdoB9Kl2duHGxTNRCqeLS_GGMfHKxrJMJRQDkisk2jQB7iMZcrpYkWMYWNy0XwxrXd8zE61zW_Yn_6HioMT6EnxewDKCFBbtlx0zfgCHXG1lnus6dNhPJQ_6xII5Acu7Q0_2ZwF35p47s-CJUo2bD76mz2VDUE3xenyuzfA70-cGcJl08nGyj7afwecV9jItxQMP2Tw6mUDOsNms97iJrEdyQM2zpagI-QotgRaSnWiuxOneHiSQ8GRK_eywtXJz9K74ySZwcaKQgAEiXkaIMFGc19cKxHXSE0VTw2pLX9uKjOUXz9biE_LkuvMeKiHb9CYAE&cry=1

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.251.8.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bd77a0963f73855db479dcd3380affcf5a42abb14abe425e867615203aa80f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18635
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
x-server-name: app01.jp.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVY6F61u6bWGatYAx4Sr-wLBOcCayL3KKFEg4Rxqy3m0ZiU3zc&d=CokBAKAmf-DX8HwDWY9oC-7MAQwYZV6QcSarBpxXfSsDvZ7RG9SIP87xzXbhtLqj5hSx8DaTC3n-4JugnJF0NwLTg9oM1-ssCuPZf4_CvXECYMHZ-8XYQmSA-KzQ7cdRno_seb3he2D89plMznJDGFLgetp01_bRliIwMLWWR_f9l9DZk2utP246c7AS-RMAoCZ_4Di_XlCcLPwJKNHOvmWulK_CaC56ZGQWDwOgQkROxlzJBO0EOTT7lhXNRXGTMh3Un09RWpm1xzm9dZPJlGDWdI02SeSo7cs_HCMDmiju-lUarNwKNiyDJK6fLAMUtlAm-QYaIw2EVXNCiXFk27zUDononJbJLnkCyttBswYS71Czb89NL7LcDvV-z7ffA6cAQfQD5iqI3P1SADv6QPvTuYXLJuZQoFoxTtzTW2JxQ1oSVFkpAJNcYFVKsbKDZUlWHKwvICZO7FV_QpAn2SnQ8c0J_mOf2xzxtsSv2qW9FcO2_PUZTD4LL2WSKb61q8D08gXvG7gx5gXHv8OUyY0bJYXoph-wqLqQz31ksTlsKErdFRot8kvqeWPk5A4U2RIbdx0gM4yukXgJWU4pDCN-FwWMRUSQxFjfSF9i_RPIHWM1-rqkvOzrWwu1b9w2tDjPH1p6GIQBm42x775mb_cPBoGJRiRcsdF_gXrbld1MidqYJyvKnquJ6DsIDPzmXm7yHrg5ggI0ildSVmfOwJlNH6vKjYcm9J2jXYyilIIrv7gymPlwTmc0ilk8SGl0t1FxdWkONP4GgmjdjIBeq7LLUpTexDaE_1vXGC16Vy1ZLzwKCGj78QjnCGZ9OmbyZDR5PTz9lN_C8o2u7M7bDz8ZsZ2-WFjDNrtTtUH_kyE1vQqY_9-x9cGPUC-iZJB6x5QhVDRhBLnWTbnwzR8qs-gklMfk_u01Em8uGG2opHEiaHsjtePsMjshZ2LvohHvakocfGci8wjNqnwTkxNhARUWgocdvg1D6ObH0J5RDDiZMdgZbgckLV5zMLaFe-pbL60VpyS-zBzQbOnGUS0WOaU55qgviK9vB3dUIcRSfXjrN9a_msw_X6Yf07gXiHVEjvggwh8L6GLcniAGFZsb5a6t2GU65pY7AtDKZp503cJei0OI8I26NHLRh4TgT8OW-vKgA1ftSSnUTnvoHlHbvNTLJbfZ6DxRZB3RkKU5UUSYz2ajcLo6XMsV45wKZ3TNd6RRXBrI36wO5h7cf2Ii1ghdovK4YNmV4IqMiQPi46DHpzerwc6Xk1Fpy12pVrzN96xKBXnoB4mP80mmE_0yLfkpnfhzcvEuwFhXf7eRgatKSnkXFWq9XmszHWs4927zF-3w6SrWHKsZxKBt2MKi4S0EVcFIB17MPHXVDB34xmurfGkn_LnyHhtx4tPwvMEmHJYXSpAU5zpyXFktAeKSwFtck8r1iEj3LPxFtMbhFcv71EWX0BmXot4w6STVl4MnPR09jTtbpGn4IFRovHE7IbnYsozTZ5hBmYHnIWbsGtBbyUsBf-7Gol0DScDZDA_OgUjj6TjIuMcYpfruyg70fRXU3RqKA_gEuDLPZiVQiMPsB_CGL6UzE9CLwvhEdxgKG3Yi-96oZoJMrMADsJ6UPUGkbCt3FAQ135ve62LB7PLD-Hk9mYFSAYZVsK3ZCL0DV72BzZA_03Rw8JrAA33wNcSMNfsre6e5bUJvIOmGvyIxuqR4KvR_VLDSAul4_6G1gR9j3UayhG9yvDzxmzpSXf0sigD8KbjNPNN9Jm2hChxWo7kh6_5Zs2laQPP0PD19NNZMuGgOBa7GpjRJEo0Rctt0w3x284G_9KdYYk66grJU9ZK0KEmKhEBJCYYkyBfZfA1owzMgA_GF5qjEZAcoxDqql1G36oiRcxVbr9ima-OfuMUB7NZWJrOw75bcxWAp1HLHawFiRq8jZVxlZ6qMoWjQcDjg1eyxrGgWR6E9fVzeGr1xva8wq4p44M85spbB48MLTh2MiGY7ujGbXmy2wOvsCg3kppO4GKaRRsQdD0mS_NyTZ6ttvCR7-P9leBag3d8c5JZnEp8Vi09Zaq7MrNU0DyRaC8LYOakPhc_SiOPf9BhGOjykY5oLw2FD_YROJL431KiL0De_jOy0d2BYweUdi1q9Ec_uGfJFVEB1FqtXCKiMQYH2iEs25-psO5JNZfvCMUgAa19LZx8iCfewYwiWNbRiXMPx0wszKQvERwQBO9oaGhLF8_2q_PM9hTfalTfK9ejCz9JoEG8Aolbba1q4W0i2SYMh_3Tu4jtAA1ZUSWpuCehAGCfmdUJSskXzl0modS0TGB8cw5lRL4AejsomdNrd0RQlomP-0mBk47oWPiQfBj0eJ1Az5ZkIafZSuGB5nZGcYkzUN2RFtN9V113cL5FAqXI9O5Ncg8pHCTXWRlrLqh8PybHIH9T_UKwlfevC9qsKixo3hIoUFyhxfj08WRLB4nbjA9ELBTmbZMc_nrfqBP8HhCPPbhd9mH7fbUjVZKFC7ihGUr7WgdA8oPSHsRHSsawFOjh9lxWERSoSkpzcQS_-gQeRcibL0OfYVSxiBpXlV1grWtMXA_0i4wuN9EzLg47_vJZno6boqLOv57cNKV0g0G5nnFhMeNu3oKibGQf6LkX8R6Pk0Dvr4tkVeq20GaBXNt0eh0ci04EGtR_ARuxlUzU0gsOVEoeaNKqHj96WWbFw-BOnvgmlKbKz7ZVEOlx09E06mEq-XTJY4CC4sH3HWOj2L7-ZJCZvO75XPul27vU2aYTzJ2iu9CEEz8446nA6z8UT15I3YsKK0sCjRXlzRa_V1ZIF5Z3DZY4zwtWzVq1ciUr_DAut5f1ZcSDn-2aC6G97DJW-qT0KK56F6Hm2In8vnLvA8nhfD7ZvMzurUoZaikuarZ4l15l54Ws5ppCqrYv1S_FKWkmhyuN5wGprasWWAYbSrEk7v-Y_JRBCZf3Wo5B1TXnF-5b7iT9r3sFVPAtkV-O-0I4SrO86tYEfqGh-UEdI5n48iJGPZrNlYHxCAeX0hmw_5HYOjERG37a_f2RlgHQwJH_jJfK4OQMi8F5GOC0IgLr_2ZVSIqlf3hgwl_ppJjEqvyUxffyLc9jPkmr4JgUvF7HCPsOTAzZR9a66hFNZPW1XojywE7ve698EeC_QAM6bwXcK3-09PbJZwHUemUE6zj1SyOkE1ymyZhB1JVMnI9cNew_QXl1oOlJUy9P0n1pXq_608VEOZJyKGBoolnacHDA7uvzI7iCzAF5nAWGqa3UX5Kp1qzbyfvBLe3AZwmPfMzRD_23JV1EcrWf3epoZ2TPOYUdGIXWJfMeD3UyCFJHdEtQdoB9Kl2duHGxTNRCqeLS_GGMfHKxrJMJRQDkisk2jQB7iMZcrpYkWMYWNy0XwxrXd8zE61zW_Yn_6HioMT6EnxewDKCFBbtlx0zfgCHXG1lnus6dNhPJQ_6xII5Acu7Q0_2ZwF35p47s-CJUo2bD76mz2VDUE3xenyuzfA70-cGcJl08nGyj7afwecV9jItxQMP2Tw6mUDOsNms97iJrEdyQM2zpagI-QotgRaSnWiuxOneHiSQ8GRK_eywtXJz9K74ySZwcaKQgAEiXkaIMFGc19cKxHXSE0VTw2pLX9uKjOUXz9biE_LkuvMeKiHb9CYAE&cry=1
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 1C62 80 KB
21 KB 354ms
122ms Script
application/javascript 2600:9000:20c5:4400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c5:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 18:45:02 GMT
content-encoding: gzip
age: 911600
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 de1a76a9cfceb99637fcf59c540ddbde.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: LAX3-C3
content-type: application/javascript
x-amz-cf-id: DAuY-6l5r_jgl5bJvyVl6ug5wcI-H57S8l00DBqPCURwBFyAP97FYQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 29BB 43 B
216 B 523ms
171ms Image
image/gif 2600:1f18:1aca:4282:926:ca47:6d94:f346
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1109672&asId=7cc3d24f-1ed1-6da4-9b95-3e0a9f1ad477&tv=%7Bc:lINjRx,pingTime:-3,time:62,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:62,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teWpWCF+11%7C12%7C131%7C132%7C141%7C151%7C152%7C161%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g*.1109672-64802888%7C1g1%7C1h1%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n,idMap:1g*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:926:ca47:6d94:f346 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 29BB 43 B
215 B 516ms
172ms Image
image/gif 2600:1f18:1aca:4282:926:ca47:6d94:f346
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1109672&asId=7cc3d24f-1ed1-6da4-9b95-3e0a9f1ad477&tv=%7Bc:lINjRD,pingTime:-6,time:68,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:68,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B63~0%5D,as:%5B63~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teWpWCF+11%7C12%7C131%7C132%7C141%7C151%7C152%7C161%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g*.1109672-64802888%7C1g1%7C1h1%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n,idMap:1g*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:cloudo3.com*&br=c
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:926:ca47:6d94:f346 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7009
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=YjViYTgzMTcxMzA4MTY0ODRlZjU5M2I3YTY0ZjlhZDY=

170 B
188 B

48ms
48ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=YjViYTgzMTcxMzA4MTY0ODRlZjU5M2I3YTY0ZjlhZDY=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEYz5e_zwEwAQ&v=APEucNVF5DPt_HOnKkWfKDLeEqP028DS_v_xxip5mxLZaxosA5UrVnN6XD-XFd_u8rWHgS8aBFRvRnCtzmrRm4nuX8AQnmQYrw

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 19 Aug 2022 07:58:22 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=YjViYTgzMTcxMzA4MTY0ODRlZjU5M2I3YTY0ZjlhZDY=
strict-transport-security: max-age=31536000
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200

beacon.gif
d2935610468529733707-t9202661953710414064.id.amgdgt.com/img/server/ Frame 7009
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEOFhEGLlKUBNWcIF1lMzHLk&google_cver=1
https://d2935610468529733707-t9202661953710414064.id.amgdgt.com/img/server/beacon.gif

43 B
283 B

215ms
58ms

Image
image/gif

50.116.239.150
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2935610468529733707-t9202661953710414064.id.amgdgt.com/img/server/beacon.gif

Requested by

Protocol

HTTP/1.1

Server

50.116.239.150 , United States, ASN6336 (TURN-US-ASN, US),

Reverse DNS

Software

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:22 GMT
Last-Modified: Fri, 01 Jul 2022 18:27:22 GMT
Accept-Ranges: bytes
ETag: W/"43-1656700042000"
Content-Length: 43
Strict-Transport-Security: max-age=15768000
Content-Type: image/gif

Redirect headers

location: https://d2935610468529733707-t9202661953710414064.id.amgdgt.com/img/server/beacon.gif
pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 210C
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=YjViYTgzMTcxMzA4MTY0ODRlZjU5M2I3YTY0ZjlhZDY=

170 B
188 B

127ms
126ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=YjViYTgzMTcxMzA4MTY0ODRlZjU5M2I3YTY0ZjlhZDY=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMzd4QIQ99iLsAIY3-WB0AEwAQ&v=APEucNXTWtykSSkfnAPuH6fPsRNvcV1rn4B3IF6eVsfCn8uJSQ_bb-k0nm0CkCLGLlO3ThClFfxW5skC7qE4DY0nId915g3y1A

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 19 Aug 2022 07:58:22 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=YjViYTgzMTcxMzA4MTY0ODRlZjU5M2I3YTY0ZjlhZDY=
strict-transport-security: max-age=31536000
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 210C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3Yy8zZghelu9TuusVfQ7Y&google_cver=1

43 B
895 B

22ms
22ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3Yy8zZghelu9TuusVfQ7Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMzd4QIQ99iLsAIY3-WB0AEwAQ&v=APEucNXTWtykSSkfnAPuH6fPsRNvcV1rn4B3IF6eVsfCn8uJSQ_bb-k0nm0CkCLGLlO3ThClFfxW5skC7qE4DY0nId915g3y1A
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73d158004caeafbb-NRT
pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfa3bPU7MXcs9oiVH5V0VUqJmXV3wIkjBn1bgd75e%2FkoQcr7cH2c2kFszDRBIpzOTLhRAQqqayLI1fsWw%2F3n8pPjZA69Oj%2B33OOieRr2rHdrRs3vWnUbMwCi63bHr188TIgy9sZrqbaSLg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3Yy8zZghelu9TuusVfQ7Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 210C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yv9Cm3fNqOyRPXu9-FDdpgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3Yy8zZghelu9TuusVfQ7Y&google_cver=1

43 B
897 B

19ms
18ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3Yy8zZghelu9TuusVfQ7Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMzd4QIQ99iLsAIY3-WB0AEwAQ&v=APEucNXTWtykSSkfnAPuH6fPsRNvcV1rn4B3IF6eVsfCn8uJSQ_bb-k0nm0CkCLGLlO3ThClFfxW5skC7qE4DY0nId915g3y1A
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73d158011e17afbb-NRT
pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmPCjNHWQnkrNF1iCfMAfEdIWTt2lmfqZMLYgDkO7TB6xdxPiZTp7klz4SqgXPEc5iekEkATMRkbl8BN0JIvI%2FLHWFd3NNueKLrJGW6jItTXr9lNCoilgrDftnZ4ayXmwVTCkzTtlF6SfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3Yy8zZghelu9TuusVfQ7Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7B4C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDOkB8QdEoWh7BokFe5B16U&google_cver=1

43 B
1020 B

79ms
78ms

Image
image/gif

103.43.90.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDOkB8QdEoWh7BokFe5B16U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxCfzKr-AhjJ4bW8ATAB&v=APEucNVlSERMx8-ki_1jfGSzhPu-LvPyvTpfdz0w4wuIcc1Aio1MHH1tiPxnGMTwC9BBm-IMpjrn2Um8DCNNpnW76lt8FOeafg

Protocol

HTTP/1.1

Server

103.43.90.53 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Aug 2022 07:58:22 GMT
X-Proxy-Origin: 217.138.252.171; 217.138.252.171; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0d8b723c-0af7-4a61-a0e5-6e873fb137ab
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDOkB8QdEoWh7BokFe5B16U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7B4C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQxNTczODA3NTk0MTYyODUwMw%3D%3D

170 B
188 B

95ms
94ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQxNTczODA3NTk0MTYyODUwMw%3D%3D

Requested by

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 19 Aug 2022 07:58:22 GMT
X-Proxy-Origin: 217.138.252.171; 217.138.252.171; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: cc2e0868-28d0-4fca-9817-736027981dd4
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQxNTczODA3NTk0MTYyODUwMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 7B4C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFK7XICpMu-HZUCQAbtLt0Q&google_cver=1

43 B
61 B

45ms
40ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFK7XICpMu-HZUCQAbtLt0Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxCfzKr-AhjJ4bW8ATAB&v=APEucNVlSERMx8-ki_1jfGSzhPu-LvPyvTpfdz0w4wuIcc1Aio1MHH1tiPxnGMTwC9BBm-IMpjrn2Um8DCNNpnW76lt8FOeafg
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFK7XICpMu-HZUCQAbtLt0Q&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7B4C
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODhiOTI4MjYtZmE2My0yMzY0LWM2NjEtNDQ3MTZmZjA4MTVh

170 B
188 B

91ms
91ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODhiOTI4MjYtZmE2My0yMzY0LWM2NjEtNDQ3MTZmZjA4MTVh

Requested by

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 19 Aug 2022 07:58:22 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODhiOTI4MjYtZmE2My0yMzY0LWM2NjEtNDQ3MTZmZjA4MTVh
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 29BB 43 B
215 B 511ms
172ms Image
image/gif 2600:1f18:1aca:4282:926:ca47:6d94:f346
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1109672&asId=7cc3d24f-1ed1-6da4-9b95-3e0a9f1ad477&tv=%7Bc:lINjRL,pingTime:-2,time:76,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2559,beZ:2560,mfA:2561,cmA:2562,inA:2562,inZ:2566,prA:2566,prZ:2578,si:2583,poA:2584,poZ:2602,cmZ:2602,mfZ:2602,loA:2627,loZ:2630,ltA:2634,ltZ:2634%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:76,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B71~0%5D,as:%5B71~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teWpWCF+11%7C12%7C131%7C132%7C141%7C151%7C152%7C161%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g*.1109672-64802888%7C1g1%7C1h1%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n,idMap:1g*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,sinceFw:50,readyFired:false%7D&br=c
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:926:ca47:6d94:f346 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CF93 41 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxFNhKq5OsvK8Tuz7CxCJTfObNXLC68Ox8M7fDPyFGEfwDWhLfZxAa-5lPojy5bQ_580oB-Gh_3DxFhqTmB6ggXouz3AETRZIHN_H0VGjMcS3hYZ15pmwQu9khUDtmEO4gLOCqBSHdLcxkDq-66LJDibYaMQ&cry=1&dbm_d=AKAmf-B6YS6Mh8KP6YSSqQlBKD9d705z8qi6t4OojYmqCbyH3gDZSqlIlw92-E1Sf3LbIKVPHMZv5I2IjneztOXZAK07soFSFc-1bp-3FNPgPxSXen_bESQ75uC10jL9FRbLUuqG8BA-ydkVJa6U2apVF5GtsKQG4V915-39znsN97D9gJQ9ewzRkWHlOkx4m_HrGeNltun0Zho0aXWtadzqhdL3u4xx2M2zz9EqhMXEM8SrpKbxiO4ygMVB7sKDsJ7ZDW0rzQHlKEPJrH1Ixi4hqL54A8gsTwZRGKF2f5N2v1yzQcxprgF05fqjIBRFfmxLiU7gsg5VglGalZUsJB479tmuaZNd9ptM3M7aLt0FsrlUAsjY1rQ25Aan_WkhWSM1BtXD8ZUazjDzugIgr0WD9e4GR2YIpZN5miFpZuHH_yvhy-Owax-EPUVEd6nz6Zpsy94wzqDQogcy1yrOWT4kJiqxw5_g62eVCZJGfmpR-JgRhWMoQDEKn0L0saYIOtKNprigDmfDt3EyJ9JEmbWSxZRFq4oFtPFH2esaXJlHR8objr2klad03JeDExSYlnyZIxYkEPwlLZMrhGmXpEgn4UfkRncEI9Kof4xTuebZ5rw7ziy8C-3xw72cgEhh30870JgzDeg3RP-TVeGDtfeNR3wlHtkmElMQIfbuSAkIwjxcoNsYK0KZz-5YXI_lfQVcHiLyEU7UQxThi5TXf7hBV215LHkvxaU301hSPQCloU9afKmAKmU0MNuBIqVl1xN6fORWJhagp5MGBl9rlWm8ZYwZ5-ce3-_QC8PEBinf5CdxGAYc1D4weOhBIH_AqkXVNcaK_4axWm2nzrj6OjsG4mduXs4X_qdFpV0EZE5WVHdNkF24LbvaQs3ZsIEHiqsfQ-vv2VX5kCBsoAYSLVy96De-DC8Ljaspr0gv-H28KGFb4u24TFcfEzS0eXU2-gBCOw4gbyBNQvqkjmBha4R6J-Nl613l04qS26sH1Sqs8Y-IyBPPxyn62MTtFY0wKu2cMmWZHZLTYlXvErjcu9MU1VEu1hKZBnsV9ttRCFyRzkyamg2aR5L1i9GRqufzmMTy9abVPbUBHi_zm11Q3UH7z0wVGkRRG53kWQoSjNrAxlJff-f7Ek748vlWOm_t61ke_fmtaFPL0Kp-LYFrbYD735V9j35cVRFHixvkVKOMJwmiL7Of0Yc6tFggvqgGVwqT-UorzojM4JIIC0JiLOKWeXzNNigC98wp0hOu2lKdBV6FWbavTq70E465TShGVbKP3kDtP8FScWkMsal0XJpaVwOcWoUcQROgTGOmdXsJQys3_1cgJ9sRZfNkdVJhfDF-gGDS7maIRgxjK0-gbp7c5Y8uGgC1oPAJIoS_iyT2UDKEpkGUKJhJC3j5r7Jl_Ls8NjjjoWD8atv1d7UEgi9aCPBRbqiVJwVFW4_plDM50QfJmqfSfRWtWZZtzOrH94uvPSysdcRMxk947esq_wSeNBxDv_1C3qIMj9pCniDA66APDNIFJfFPjMUCUuGvKtz504lYZySoFyo54fjIOA6Xt55RsOGXsUxayRQn7WMAqm1O5OXqptr2-G4SGG353Uslx7d04pE3fxS3DgTH3lI-zIto_Qy6X7ztRRvZ6BtvHi35aKJdE9fE6reuAVeu-hp1vnvoJwTuRiVWJ403FWHgGBt8gyBjlbCIJolxfIgnzPyDddiHkadCap0y4LF2yFhuUbQwzLRF005QEykPPkUcrid19UxPg5ptm3vAaBmXls0KinATOuhhVo5P5KgYEfVeomfjraXY29O6waT1lIZJ4nAHko_Wx9r1OmM6687n8PKVfxgAjgvT6sCl_Txw7e7glt86xYZ_4bb_MhBYlF4PXxVJ_rhR72kmUKck9DaiYJ9-sInKSVWOEHi_TmfjkQX_lR8PJI0hP_2qztVq0oUh-fWLgOkU-hYFbE8ZekWUAri3DEmEaSbgvMaa3uwYnaB99UpSIxvjw0dg7b9-g__viTel8_FKe9dD65XM7_m3PmgkkG37EvTmV_aGshYY-tmyAfOquiAjvujlCp8V0wbnrf7kufEEZpK-q0xUFoLriqkNUSEYEyn4cQ07H6nCuT1ui-JzCObbAOdrjKXDT46H-Dg8QwicrcNkA_8gYf4ipU3H9HdTCgTat5PBhGCtTXARzYSJibD-vmYDqZavLf1_Jy4bJvD1NeM-4Bf0Uy57lPoekwzwrpikjc793dolfhMhYLJBbVPHKkoqnK85u4j0uAU6jPgkDJn1CuZgagaVzscMqFJcBb1cJAZrEjN1gQFVeocwDaJNlvX8LK5-H1EL4kVHcMK0b-4oGIEgl56poHIYnFJl17SZQyi4SC0twFm0B3aP9FRoktEBQPndmEKFL1tnIadMLv2sDCMWAXQFiYk_OlbT6hONDymrk4PmKkjltv7gNqbgJeeYM6mNngUoXKO8rXv6Yc4taQXfGGqjQ6MlMAeq8xjnT09qp3DRwsce8A3l6B8XSY8lEQzZAVhInVKFNY8BI7rX45_wk_lcBqdyUpGLnS72m2OtuZHnc1TwtFmo-nvqEPxkK_QD-bzuV6mtReWSNyWvBg6p1EDDqZkjgOF1NiBeeVWXBK69dCWOy5FjMxGRCm9rLv3sfWlB-qwI56XOCkTxV7_oSUjbEBHg64NiDlVFxjTlg5t7DhiWwycupdQz9QaldtKL-nX57PWNIkkRV9ylrdCfcIZ8kGsedHtwKJ9EGW674fcFlha1JlXCItdAqw_1e6iUm7LhdTD-AYnS3A&cid=CAASJeRo__gVZwQ1QbKOn16hrXDzzNrD8d_eYcGlixhPM9Vv2yESA8g&rfl=1%2Chttps%253A%252F%252Fcloudo3.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 23:16:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376936
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 23:16:06 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E091 22 KB
8 KB 5ms
3ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 252624
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 09:47:58 GMT
expires: Wed, 16 Aug 2023 09:47:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B413 41 KB
15 KB 4ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AE0eUcNEemuqCKqwU9XZX4WqHbxbQPgYgvTFBXxzWUNM2jhF-yYQgyBZcMl9CUdfXyCOwJjDJOQ8aG_r9NN_CXIMpqXgG9frWWYrmD4GA7kLBomtJOWe1JpJk-e2Z79r9SxCIQBxyWhNZQwqC81BDjqNVO3Q&cry=1&dbm_d=AKAmf-BrQHs0DsJbvHD3kgDJQLjkwvkiQ7zM1sLtIb0pZKDxsMvvmDkzyLhKsynETMAuwsCbsNoKa-HSRgQHfUexOc10zKkQ1X0iljC8fevj9QqMcMTTGvx4Uu03T0B7-Z0FHUoYct6Qhn6kjm0lAeubwcE3_gmwqJDZd-8Tp4f_drVmonhqK9mtj2cAFdrdGwwFl5am5TqKnJlKiUGH5YDh7YVQHltCVHDvVLdWfi1GF2w0wKP3ABf_jMw2OgHAnrEnE-BqMUJ_u2-JlZwRD29PxZW4UziTxAVexv9l6zuB7xQ46LG01tYi9CWGeSksAro1U_waXEold7g448phgE2IKsaxWz6D7iNBPIWK2XHJvn6pOsYNqvc9oC0VYFr1m5_na9XOpHZl-Kk_D2AUuTGzyd6APavvM7rpScFzXuFKRzC8UXlxPeEVJTRvLj5e1MPLWzO7x8nFXft0IsIv0BryOuoWFjntJSjMy5a0eJKTsbji1-tzBBJyxycgM3M2gZP6WjjEWxJvx9e-2N-hLzuROKlJ7M5suPq4ZHGv7jHy80JVfZ-W7mNqCgwvqJ7K7ORkd0-ibdqD7Sgb4XT1woSAh1K8G_-kFnp21QREor4rtZHUAG9vQlVG5QnZflug9RV3rwuBXWfLkU4KIXtfsCc80xZ1fZW9AkuGmtqyneO8WdZ4dn5gj0wXlYvQlTmR0dnB-jtAqjObwVOWgLCKGaVJ8cB487KTAec9TpFHFmFJKORjYpSu2F59LIyWyTgLyS5x19M4RoaO2CkDDFtvQ8mtxoyGD-hY5Qccgyfpqi07Oy1uFumSKl_Bi9oQdhVyvtX-tLJKobEvHoHL_cuppxvUki2vfHVg_vzZOeaS9yNr15bB4mZmuinjyf3VIPIDAfcxnzxlb_ZHDRkdsbtrS5yheoxO5KpY5Uaar9W5JsVqbUu-0o5nPYFeh39XSZEtMdiSd6054tu3i1bVvpog1DPd5_c_q7gONjiqmGJ3ebP_QGeOa_2HcK-_IoujJwsKRKsJQPE3AqIwdqru5KXe8US7pW6QKXOVsOzdOzrxXK5hYWkQv8KgDdXWI7Pb0uUSpXB5Cf3ybNsth53zh3xXCXPC26UickKweCBKDFU7I6dki3fbg5p5NBAY9YpSf7gdAa8XtcAYg3sseYbPBjUt6JRMrROW4WulsB-FkYfg7ala0gLHzVr7G9TtTixdm9o_seJntQD23laW84vTPJLnkp-l9b9joYRa1Jbo_B8bOGD40FSEIR1-8b4T4u5Ajvhyd0_T6uiGoYd4a_UbPn1JB7nVpys0lWivCBkr9n7mlkXX_Ou5niizuoQtqQVRiTU8siQHCs9wkrRsaWP3_N8DsPfNnpiJ-CcmARf3m8CrA12R-v4hoSYfDRKPIaF3Oe2218kklCzSh-aeuLG8K4x1hR_sgv-rbogZnp9t1V4CqHW0smraMCjRRKaDPRPa70ZSh0gDZVpgDLcdG7vNP14BsnCzN8hbG_d__mS21eLzB8rpAs2vuKDLdhezpsdXISUtitL_ez1u2B0i0HDwOc0mVvEdWn4ychWCMD_NmWMGFfz9xc8SwkBfdkXZmJHHWUc0vaLlLx-1rtRIpnZSnSimrxGyuTx3p6R9gOMqNcX3a4EK4Cpa2r0-e1y9y7-SsqyRsEkjFFcnKCNLIxcHdwb6R1ASWWyCQ8xVyzn5M09UJ460zXGZ-S3bp4U-h_oKlvxlxAF78NwQwWV69MPxklcpJs2KrogiavnzEX3QBbMPh4FloTbaaPmdpiHCbXKRH3zC8puXm2Oywwerfw2PJ9DTLSfFWq1ngxWpRZWZKQ39gj9blqjnXkymVulySvXDOD9-6jeHFpoUWbiY98sye82YWmYnkUueYfTEIhGMncPx85NcUMZrE2UemjJSoJdnd5ejcZJb-UslVfkly21dIQCF4dad80XvwfwHKoLLekmKJEpER83WDaZbIr1AGP5f04EXCiWDzTu8RFKI2gtvx26b9YcrzZBbR_HKWmAoPkm-ejnD-kMRxryI9OacP7Nbi8mu_lZPNJNZts-Eqgb26P4ONbtHkLzvnmyNu1B6mfrKbujgJPV-namzactFVNffr1JCauApxhRVLwI-zAU3ajO3prqPKPnTb6g4OyzbBJbYhHI40RK1_YUZPdCaPlv7L6m_yu5EYoRYRskjlFipkdX05lKXRgHvS8cAOtRMQNfIpCUb3AzWfA0Ho4zGgInviivL5JBfvSOrhGf-aSBc8sxhQtE0VOzPbfeXFMIkIIHbxNv9YqtIjBe2yr6ZZ0v-F2RNcn2EfJWstp_1xQDK-zGjD3z66CG3ORzXpTU1KyJqFAqCKRcyVfx9Zs6nDXlJxyaevDHw8JV_aUlYBxs476xt_qKkU7lLUOCEzSeRiLX1s1Haoj9QKUu-_UGg9vocKsfqomwSQykuTVh5Ta6dftiRLZqhB82m-Bh4y3d9wNP6JZOS_7kUgam_jG4AdA98DBMju37wKdimP5_gfPf6ogShcMs8twegh3e6p7NSXdHKxxnMJy_ZRHF4jTHF5JTyo-e7WJS1R7u18MkjU4KyFXcyL9x2eV9trehBhR3ief1Qlr6dAvOIp2SiJ11sEg69OiyLENIExwlDqFSYJ7X426DtOuB3zImKWdVmjx1aBat3ZphNF5x6ynzKxVJF4EkRL5Wvo54BIbbrLeZvWv3E8tey2gaj9L_I2pfgm8cHipvAQg0NdQx8D4YhzJLjqsgsD27jorrY_qL1oMwe0Y9am42q-IEAJXcMkuALNSKjz1-4iVxcpJh4QXBni-Iy9lt_eIGbyieGG3_sqi-8Q4t3nFbTAQH02iDrASADnA&cid=CAASJeRo9azXVw5dYTQKQk3PyyJ70uyGNDqqRblo9WUU5mazbpcmFh0&rfl=1%2Chttps%253A%252F%252Fcloudo3.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 23:16:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376936
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 23:16:06 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3D6F 41 KB
15 KB 6ms
5ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AX-72C1Gnu_UY-nmBaIZElU6vQdXP3Mmdm4WKkqtYTYLvxspSdp10O5iPCq1A3M-QUHnCNMr3GkcW2BzX1SXdTx7u6qHOn8wajYYCRXje2nrxVBpIU5O_y54w865WwpmhGmmw0VA1S0aE8NwJ6qPA6F4JwMg&cry=1&dbm_d=AKAmf-ArFoqgy0OyFoJOlyE1ANgjj1cedp4WmbvBwNYS7mNjpc_0TRXEplHiQf74psEWZ61UoH8s_hr9cr0JwgrG3RPeNN638y5uT-FbX3hrpVSotITeVZz82DDkEb-g_CNJYee2iWCn-W0tJFoTqDYP89xFPfeG6C7rIfCdFSTg9O7jQh_jAiOkxTz8v8HDzAwVfgwJu-VmudBdJHWrQ3qJ2kuQryn8dJNIVqJisph2moxxUwkOPYi-kEIdb9GB2VXaxcIFzYoKsNhewFWo3BCu0ONHKtLXLmhktA0gtbKZJJIQjBkagIHUOOPpzG8mxocvkuBi_mLklvgf_sq74vQcv9Eb0q8l8lxuiLJCPSaJJ-MOuYjx1ccAt5iGjAI-M-SJ9ZwAP2Ok5qUDxVZfY0oKzLxgcRSKiLBzz1HSalY80Sn6dlBvky18_-TAxim9UUDdAulIRqQWPFxTX9DpGPWVh-mkGNPOrCW0gflvMY2EI1PNWU4thxQUcMV29G2Q8coVW2nLZ260OU-lf_ZXm9PB8yAywiuee6riGK7jGcFQdf0g5jd6H3HsbcyBMkgzPuEfiLU00WE5e7YhT6FKicq9JzVay6GJKcpsaAXYZ8zpzuofSPL6e6UakYqo3V0WSa6U0qkJWB17Qsd3HMKKx6T-mq1AJLxE_HQbdndLKm-9AuIkZM5mrLgsNv1Xolfcwa7VeI4bqdid9WQ770WFJ-NPREJ4bRgvaYLOkJYqhqNVYvYs_xh7Pcqlmz5_4PF-D2wLK4eoT-__wm2yzyxafV_sOnKddjPSddxKt8Vh15DYWIwC31I8XM6uRuuGheHJPYNx_DnBrecmxhKzOZ9O_mww7ywO2sLmnjPz-74ytoyCv31BZQyuevTZb93-ddCEr9O9vQfYlx57mYzuK24sHLliV5SV5H36SwIj1W3j_SYJz6VSidQ1_K5a5mUGYvt4Xh4MP50mOH6qn_vYW9xo853A3EGE5xXZocPpadxbQVaEWsvtkPDD5HGHT-bw1SDwoShVUWAssa0f6s8XS7u4mwg0UUK0p1NnZMwpF14RJMapWDJYuFJOf3N2akPvYXn7QZd_TfLdaMhJ0_wbB0Yj35aVoDOkbEfcBlAVXTSr_Fec1rH7U1iFIQo8_K3JYT8sAR_VO9FeSFo9QtYTXOrwpB0sVeoJAoMIbdMwEeyk21yvYO8r4swi_RWnRATGL61xKIUMxb9148NdOVivJQsSU4wiMdZ7LtDviIL_gWOQBCFoRZEeBUKp1mHxbvktBsLUIWkAOP8EdJwTp3_MN02Yr1lsmfXQ8d_uMSWu-7cjatE5OJfycs57eKzmF5rkfI_paTmf11qzocg6oyY83vGuhc-uihkAs1XI5HyNWxWepMu0Yyg-Iowhcg4EWAOKyzfo18WTxEWmkVzGKnC_8-r3R-OutiCo0o5FkC_iHYlaBc6IEW0LJsQ5t8hxES1JkTPZ-C1EIn_p0oi7kEZE11ysRd2UqM7TZD4u7Wnzkjf5JQD95q0nEuyjkq2738adnuiXmamNRFi-RqXwLzsyxafsmVsksreAJmflMSU5L5p_HcaV8VGxHWd4iV3U-QF6d3FBd8OMyp_EchZ1V6yhl0Ge9xQpt1T6l7PW4cXjiPyYgzSEVowIkmNekFB9eoflYnMVd2m7GHxYhErod4HIuWshVXD2CRSIz44dk9N0uoPn1jotFas-cOCSj3CukermARW9J9tvg0XwGVaK1VF_gqSY_orQUglFWpy5SD14Ol5iRwkIeQiFudpDtcwGAKSNWhosSnRh2CVOvyKKI-YZ7nFr3hZ74LdkLE5KsGk-lAHiSSZMQoqBf87kU6BInwMAkqHR5zTODFWq1o-JUlyvtvt1FwP9jvxooExWZvGO8NQjWNZQTTvgqFzFLAS5UuPNY3wjKho892cvRcCtm43MtVhYqpjhPzCffUZCBQXUkVg2mMHKmp4Z5lcEgc5F_RAStYdghqp30J8TrXxJjUJP-CAbZWWRg0_ebdFz-AuhaUBAW65kSfyPEQ-BDPdALsIPPdCmV-SdAPB_emzrLMOhHpstyZcoxKlHtGLnTMRZemH45nGk_arDDJerMG3424cTgDRunKr1UseBJyu76YGoJ_mtdwIICwV0NOlisOZqrGrvLc62YW2-BhwfdcAsiPSePBVBTWC4-XwF2UfAqIXzHfsDOh_kyl_Lo0bpr3K_vOepssBFKKdtOe2ddPQDs4BBBQu-FbihK2eo-gyTm8BUIzQVhdP8Qbddop_JnlsiKEKUpv5gilHd8m12pl8Z4DKVKFXlAte9R2MJbqyUWHmRz_JErMqIfAcoyt0wlEcs2e3DOEmM6jxwtc55xEDS43t4BhYqmJZF_D29KPwIguCy7oBRp4-Z6gnv5qQeMdooUoKcqeUdwk2iAV4afX1JBk2oiWrlbCfqH0X5R-KxReL-HdodWR3BysM6YS8DYU47UtVDFdQNM1h40nahp1FibizT38aO3mB-t4O_F6_PqrIjhHmxhHX6dR1MVWYxzrSMDLKzsnWbeb_nDfN1fWKKwBnthZ-vEAPUdZergNJw4VbdZtHpSMT0roHZIxgk356OewkVLw3LFsZIIxIKSSkYIpILxGwHye-GVr7mw-v1PW_jt_1k5GUmNYz12NuohvgXynbkf_a-UNsGtkp3hgdYmOUR2-jZVOyY61Un36iO_7gxio1gZba2WKb8dNWOJWUpEhiFm2uWsRfEHFE56dQlqjwApsYNOIZiE5iOXurz6VpJMIpgPq4VrI9kuSCi2ZDRSjD3SXFkqjHiNv5oMjWKgjg02UwnwXjJMjUmCBGZ&cid=CAASJeRoFAPTEs9vs1Rcf6Kdym8-UW_3yr3G8p-EiTVkGusSMjDYPz0&rfl=1%2Chttps%253A%252F%252Fcloudo3.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 23:16:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376936
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 23:16:06 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame CF93
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1109672/64802888/xbbe/creative/adj?p=APEucNVY6F61u6bWGatYAx4Sr-wLBOcCayL3KKFEg4Rxqy3m0ZiU3zc&d=CokBAKAmf-DVVM8WTxn9gXbvVWK0dUg_xuYiERPQScy0VpvIEH2VNYPrQwDSkLe...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVY6F61u6bWGatYAx4Sr-wLBOcCayL3KKFEg4Rxqy3m0ZiU3zc&d=CokBAKAmf-DVVM8WTxn9gXbvVWK0dUg_xuYiERPQScy0VpvIEH2VNYPrQwDSkLeb4F-F40a26aPSJ53jsGDFZfKhr...

44 KB
18 KB

219ms
193ms

Script
text/javascript

142.251.8.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVY6F61u6bWGatYAx4Sr-wLBOcCayL3KKFEg4Rxqy3m0ZiU3zc&d=CokBAKAmf-DVVM8WTxn9gXbvVWK0dUg_xuYiERPQScy0VpvIEH2VNYPrQwDSkLeb4F-F40a26aPSJ53jsGDFZfKhrGyqeto8s7qO_KUxR4FF_fq511jNzFYNUIOZG0NCrSKZM5JiRhFyfNDESk9s15j4_x1DBIzEIzuoWFCXWXxP12dkn0EQPebwJvESiRQAoCZ_4CDPi2SHqXT6QOSNbk8vkI0IJTZVH4ys_Zpa0ilS5oG-sXilws_BXc26BKDjZ13bvLsxoxOUWuHbNtwwlNluw6Xr83N-qt-Qep92qr5rrK_6YlBWD8cIgo8CrTxLER3wOyWST1F67_PXdQZsJPnzNw39Zu2agAIvuEV0GaZsdrgg4wlWPEBg7EmU71O1OS_OVDep64taFehXq09duaLIPULzmkf1hBc-agqqT6JqKX0jJbMQrXI9YNHNUdiV7i4Mq8xhc8gpD8KsQIsWzWihOQhcE9nOGpD6sHV1JEOaCqzmdxqaA_azq48wpwYekvgABt_mB0EsPzUAxnhLWocfInYUe1sMueLHxN3gMErwZ8uTar5AMjAq4y83eJ5sNLo2mUNhgb2PCmzQhfcYgxSInp4ihefc3dZmP-dbSR0XBynvOiw6BuIfcS2ZQ0aVNBih_Fi2rt7aCaeMbugVkCBK4kPjy0sPRHndArHKduIPZKZhp-1frI6DK9a4lVBc8W6F2q7Ext-yzDbDXUyqT7l75wPsbJWIGWSFIt2_uORMSx015HR3cKyKihHLRDNtPqEJ5bwVC3BCschAjeXyrzIAjBQFo8P9ro7_yxAhCVqoQCOUfA_KJrAxSFKR9tD3t1g6LlhBBqnfHLNhyh5neCzmB81er0dhqNt3ZIjet66mw8R12yLBWGaC9TMSbo703_ECOx4skbHED1Ug103470LLnYg9Ch7LiNPsy3xXh7nm_NWgn3BSTd6jqbXMHcIQQEqYxL18JvqkLYe_SwpzyENQ5osjJwuLLxo06SdoOOIqGhu0rhlIFOtUQe1RqeUGTqta7P1z9YKyydHVeSdkgl23jufx1QGCt0wN24mQCOM7i8BDfQTfhoQJtYrIeQ2nqaaJ7l-wA34uWNGY33wv9REsZ2wtsUphmpYpb9l1HSx9--THcR3ixJ0ialRnBodJmqQAmym3Wq7MFwL5OymBIONBW1vYSTTd1HJkOiYpMZ6NngHpSqEcV5AD2H4xeDPRSmUMdti5H5lD7gi3wML9W3fsC8DCVl9ZUgyVsQzLTWJ9nboJb2VHjndLfvjKsx401PBJp3m9242rYKTHzTjPncmk2BrydqZ_SM7P0fBOBOKzQY8bp2IdIv2inK48uhlUjr525VQekIPyMMPcNleRZriN8IQ2PIQWe37pOQRZuCyAGBx30I1EgLaClYEqXlwfmtODMiQRdGpj9kPVnyEDTNvvpBtArONP7KkuShFbpCEpTA_DffoZVKyqxKrZZi1xrGZPUhTK_VDTkSrQskdUooMcsU3mGJG3F0SlFBaA8UeFBmFCObdzsOMKo_EO9OcdrV9yGVADt1CgCLcnXyKkzMj905VemyXWbgT7E5CbIBEaA8xFz4fLV2hto6jFYep_EqS2WRrw0OtfGKLSJsP5JbKmsJqvo4U8hB7H-itd0hrumYfjctBzZKN6wjv993JBLZCphPudthKaWeNxtLL1D0boe9nIX8gPeY0Hkhg8M8WWNh-BYS0gG2mhOhAZeGZQj-WB7x225CYVqARMB5njir12hOATIwQsPanAqM1MFJrFwWLon61mcn3ICUjShlD-5sXdwUFRNZdA6DXw7FrEtYOEy8vZTHwlbW-5KZfdGNhE0Gh5raZgbshUczZQddZuCYmkm7LuQhjIdWRWqGLGSXku8bcwUGXIQd1puGDN3QGETODkPH5l1tzknsFBR6EoMXYuElFZ_f2b2zgjTK8ZIxfrK2CObFTjrBXFGU2SUWccuX1QiRqMjxy4NrAYOpIQAn4GL9rU1IxFKhjRAbxYR14tBrDn8r3BlzpRL1hB5KdQrqFd2iIpX4YDK_cB-xvctn1v-SGVgDVahWjQNunhJXt0AZ7NtpP3yqdOu1Toc-XqXcowLgzCK6kYG8a0cF9oKRK2-ZCZFK_iY0ekdyxxE8lDQU5Y1_SQCNABEwYjvE42l1MS_0_nLyhCyt0FEUha0wBjMbIR7L33ogMumUbk0CHZqfi9dPwWleOFgEo_A6ICFpacdopGQl8yZn-c8cb3NIVYet5B-2NPRvpU3h4l8_fyLctY4a-My9si26cJS8veQHxk7j3fNdpO9j4pZ3bxfpJ8senqtd4xg_3ZQGsU4ov8bEeFFuOVeLi05g5uglYwxfX7xNZ9r_d-sCzhJWtd6JL6kYvyaIBHypXGaSpCBXM6nz6b975n8TgRqy3JDYxa1CYJhxBv9OkccLutdnqa21HWdPL6UlHJ5x6JgIIdT717leeVA08Bn7dVALp4dTJNuGeuppl08F7ROWoLaRMqWCBEWP8JmKczUufasB9XKJSQ0as_hnZQ_BBYCJLsaPtx0iKkmACEahL289EXazYKitwgyapfbpZ6Gv3WhV1GtUSXeX89-qRnQQKz4XWlu5UoXaOIcp4dLfFB-SEkAs-CwmN0pRItWfodIZM28kN4i-dSrCkNoV_KpsBTvjBMPQuijZ_DDkDO-cXMsB0-JLqxjb6pa_st2rKd6lW4KCDQYwY3dWTiZniPZG3rTiCy4GMyuvx98IlFxYdTQ3jFVG9h4ORGgSpBWlH9fbHoTLMdmeJ8JkEqHKdS-CpR9wYEJq460d64Jf1CQ91FzuwFtvN4WSqAXtjjUlCmTKfrcs738096aahhx5EIfJ5OlgZbqEz30vx6VJ9Lt9IBZN-6Jmtd45o5MAoqweKydaKKQE4MmCZSxmH0wpAZa9GfJLmaGPFqK00cPbI0rPvSZqqQjsYEnv4jntNcGfcnQvzmOp1vGyb6CCTmtvoibWBD8siNSt0X-ojhzTW_r40TglFA7kU8tou9OaMjkt6l94cfN5Zxel6jYczTP7mNd5u69Me801lO0RMsJMUIZANRn9AMTJGyLaDqVeWRSGI38eY5bydMEdexVc8enWQUntirmlfCWbCJUNhGcbudcpxz-uy5cwhz6K2_V3Hq9bEuylr4Qq6eltkz9699YurfcImu_P5Qd4xHhboRaKjmWBjrgVzIOO6FGC_4kxpoyPrhG1MoP2xqU9rDwBxazX9mYgi7DSc69JL_MpqDnQwyLv4N69KA-nZh1d3AA-sURlb2_B-Uf8BChURFvHB6IngY5xGTlfP_d2gpk2kueHfhHpJa4rkRPSTq8EUjSINkNtJB1Bp_xGTksmooESIzsX6vONkl-7CeqATBJLuko3YE-cXnMIQR2dEATSBnlusj5C1DQ9xFIfJ3l1PipcbOceksf908f_epNut63X3r5HurCQrCR-vMmXn0xpA5HhYaGvVf5cv4Jlu4UqMKUkiRT_ULHje1q5he9IuLgfeNRb4WSEAcrf-ZE0yLNmGkyShufIeCqFbLeM2uNzqW0ABMsODPMAhc_nTldH8drCUQ1ZepEf213mXN4wLcOlXkBBCFafKEdtT-v0y9zr_qgzvGtvx9GikIABIl5Gj_-BVnBDVBso6fXqGtcPPM2sPx395hwaWLGE8z1W_bIRIDyGAB&cry=1

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.251.8.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84a92ded7816c3b4ef5131e849e6e1042fda3abe8d625418ed3c89bb5729780d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18629
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:22 GMT
x-server-name: app03.jp.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVY6F61u6bWGatYAx4Sr-wLBOcCayL3KKFEg4Rxqy3m0ZiU3zc&d=CokBAKAmf-DVVM8WTxn9gXbvVWK0dUg_xuYiERPQScy0VpvIEH2VNYPrQwDSkLeb4F-F40a26aPSJ53jsGDFZfKhrGyqeto8s7qO_KUxR4FF_fq511jNzFYNUIOZG0NCrSKZM5JiRhFyfNDESk9s15j4_x1DBIzEIzuoWFCXWXxP12dkn0EQPebwJvESiRQAoCZ_4CDPi2SHqXT6QOSNbk8vkI0IJTZVH4ys_Zpa0ilS5oG-sXilws_BXc26BKDjZ13bvLsxoxOUWuHbNtwwlNluw6Xr83N-qt-Qep92qr5rrK_6YlBWD8cIgo8CrTxLER3wOyWST1F67_PXdQZsJPnzNw39Zu2agAIvuEV0GaZsdrgg4wlWPEBg7EmU71O1OS_OVDep64taFehXq09duaLIPULzmkf1hBc-agqqT6JqKX0jJbMQrXI9YNHNUdiV7i4Mq8xhc8gpD8KsQIsWzWihOQhcE9nOGpD6sHV1JEOaCqzmdxqaA_azq48wpwYekvgABt_mB0EsPzUAxnhLWocfInYUe1sMueLHxN3gMErwZ8uTar5AMjAq4y83eJ5sNLo2mUNhgb2PCmzQhfcYgxSInp4ihefc3dZmP-dbSR0XBynvOiw6BuIfcS2ZQ0aVNBih_Fi2rt7aCaeMbugVkCBK4kPjy0sPRHndArHKduIPZKZhp-1frI6DK9a4lVBc8W6F2q7Ext-yzDbDXUyqT7l75wPsbJWIGWSFIt2_uORMSx015HR3cKyKihHLRDNtPqEJ5bwVC3BCschAjeXyrzIAjBQFo8P9ro7_yxAhCVqoQCOUfA_KJrAxSFKR9tD3t1g6LlhBBqnfHLNhyh5neCzmB81er0dhqNt3ZIjet66mw8R12yLBWGaC9TMSbo703_ECOx4skbHED1Ug103470LLnYg9Ch7LiNPsy3xXh7nm_NWgn3BSTd6jqbXMHcIQQEqYxL18JvqkLYe_SwpzyENQ5osjJwuLLxo06SdoOOIqGhu0rhlIFOtUQe1RqeUGTqta7P1z9YKyydHVeSdkgl23jufx1QGCt0wN24mQCOM7i8BDfQTfhoQJtYrIeQ2nqaaJ7l-wA34uWNGY33wv9REsZ2wtsUphmpYpb9l1HSx9--THcR3ixJ0ialRnBodJmqQAmym3Wq7MFwL5OymBIONBW1vYSTTd1HJkOiYpMZ6NngHpSqEcV5AD2H4xeDPRSmUMdti5H5lD7gi3wML9W3fsC8DCVl9ZUgyVsQzLTWJ9nboJb2VHjndLfvjKsx401PBJp3m9242rYKTHzTjPncmk2BrydqZ_SM7P0fBOBOKzQY8bp2IdIv2inK48uhlUjr525VQekIPyMMPcNleRZriN8IQ2PIQWe37pOQRZuCyAGBx30I1EgLaClYEqXlwfmtODMiQRdGpj9kPVnyEDTNvvpBtArONP7KkuShFbpCEpTA_DffoZVKyqxKrZZi1xrGZPUhTK_VDTkSrQskdUooMcsU3mGJG3F0SlFBaA8UeFBmFCObdzsOMKo_EO9OcdrV9yGVADt1CgCLcnXyKkzMj905VemyXWbgT7E5CbIBEaA8xFz4fLV2hto6jFYep_EqS2WRrw0OtfGKLSJsP5JbKmsJqvo4U8hB7H-itd0hrumYfjctBzZKN6wjv993JBLZCphPudthKaWeNxtLL1D0boe9nIX8gPeY0Hkhg8M8WWNh-BYS0gG2mhOhAZeGZQj-WB7x225CYVqARMB5njir12hOATIwQsPanAqM1MFJrFwWLon61mcn3ICUjShlD-5sXdwUFRNZdA6DXw7FrEtYOEy8vZTHwlbW-5KZfdGNhE0Gh5raZgbshUczZQddZuCYmkm7LuQhjIdWRWqGLGSXku8bcwUGXIQd1puGDN3QGETODkPH5l1tzknsFBR6EoMXYuElFZ_f2b2zgjTK8ZIxfrK2CObFTjrBXFGU2SUWccuX1QiRqMjxy4NrAYOpIQAn4GL9rU1IxFKhjRAbxYR14tBrDn8r3BlzpRL1hB5KdQrqFd2iIpX4YDK_cB-xvctn1v-SGVgDVahWjQNunhJXt0AZ7NtpP3yqdOu1Toc-XqXcowLgzCK6kYG8a0cF9oKRK2-ZCZFK_iY0ekdyxxE8lDQU5Y1_SQCNABEwYjvE42l1MS_0_nLyhCyt0FEUha0wBjMbIR7L33ogMumUbk0CHZqfi9dPwWleOFgEo_A6ICFpacdopGQl8yZn-c8cb3NIVYet5B-2NPRvpU3h4l8_fyLctY4a-My9si26cJS8veQHxk7j3fNdpO9j4pZ3bxfpJ8senqtd4xg_3ZQGsU4ov8bEeFFuOVeLi05g5uglYwxfX7xNZ9r_d-sCzhJWtd6JL6kYvyaIBHypXGaSpCBXM6nz6b975n8TgRqy3JDYxa1CYJhxBv9OkccLutdnqa21HWdPL6UlHJ5x6JgIIdT717leeVA08Bn7dVALp4dTJNuGeuppl08F7ROWoLaRMqWCBEWP8JmKczUufasB9XKJSQ0as_hnZQ_BBYCJLsaPtx0iKkmACEahL289EXazYKitwgyapfbpZ6Gv3WhV1GtUSXeX89-qRnQQKz4XWlu5UoXaOIcp4dLfFB-SEkAs-CwmN0pRItWfodIZM28kN4i-dSrCkNoV_KpsBTvjBMPQuijZ_DDkDO-cXMsB0-JLqxjb6pa_st2rKd6lW4KCDQYwY3dWTiZniPZG3rTiCy4GMyuvx98IlFxYdTQ3jFVG9h4ORGgSpBWlH9fbHoTLMdmeJ8JkEqHKdS-CpR9wYEJq460d64Jf1CQ91FzuwFtvN4WSqAXtjjUlCmTKfrcs738096aahhx5EIfJ5OlgZbqEz30vx6VJ9Lt9IBZN-6Jmtd45o5MAoqweKydaKKQE4MmCZSxmH0wpAZa9GfJLmaGPFqK00cPbI0rPvSZqqQjsYEnv4jntNcGfcnQvzmOp1vGyb6CCTmtvoibWBD8siNSt0X-ojhzTW_r40TglFA7kU8tou9OaMjkt6l94cfN5Zxel6jYczTP7mNd5u69Me801lO0RMsJMUIZANRn9AMTJGyLaDqVeWRSGI38eY5bydMEdexVc8enWQUntirmlfCWbCJUNhGcbudcpxz-uy5cwhz6K2_V3Hq9bEuylr4Qq6eltkz9699YurfcImu_P5Qd4xHhboRaKjmWBjrgVzIOO6FGC_4kxpoyPrhG1MoP2xqU9rDwBxazX9mYgi7DSc69JL_MpqDnQwyLv4N69KA-nZh1d3AA-sURlb2_B-Uf8BChURFvHB6IngY5xGTlfP_d2gpk2kueHfhHpJa4rkRPSTq8EUjSINkNtJB1Bp_xGTksmooESIzsX6vONkl-7CeqATBJLuko3YE-cXnMIQR2dEATSBnlusj5C1DQ9xFIfJ3l1PipcbOceksf908f_epNut63X3r5HurCQrCR-vMmXn0xpA5HhYaGvVf5cv4Jlu4UqMKUkiRT_ULHje1q5he9IuLgfeNRb4WSEAcrf-ZE0yLNmGkyShufIeCqFbLeM2uNzqW0ABMsODPMAhc_nTldH8drCUQ1ZepEf213mXN4wLcOlXkBBCFafKEdtT-v0y9zr_qgzvGtvx9GikIABIl5Gj_-BVnBDVBso6fXqGtcPPM2sPx395hwaWLGE8z1W_bIRIDyGAB&cry=1
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 6DF0 80 KB
21 KB 367ms
218ms Script
application/javascript 2600:9000:20c5:4400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c5:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 18:45:02 GMT
content-encoding: gzip
age: 911600
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 de1a76a9cfceb99637fcf59c540ddbde.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: LAX3-C3
content-type: application/javascript
x-amz-cf-id: I84OMalF1Nyv5pyO8De0qz0YqoAQAQam0J3fgJf9v6HJq946Ao-WsA==

GET
H/1.1 200
OK dvbs_src_internal107.js Show response
cdn.doubleverify.com/ Frame 3D6F 55 KB
18 KB 3ms
3ms Script
application/javascript 2600:140b:400:1a9::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11025772&cmp=28270974&plc=341925104&sid=5795532&dvregion=0&unit=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:400:1a9::4469 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 14:27:50 GMT
Server: Microsoft-IIS/10.0
ETag: "0f7cd18d7cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18120

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CF93 43 B
215 B 448ms
172ms Image
image/gif 2600:1f18:1aca:4282:926:ca47:6d94:f346
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1109672&asId=c402dd72-af98-7f3f-5b08-c6cca16a015d&tv=%7Bc:lINjSL,pingTime:-3,time:55,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:55,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B49~0%5D,as:%5B49~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teWpWE0+11%7C12%7C131%7C132%7C141%7C151%7C152%7C161%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g1%7C1g2%7C1g3%7C1h*.1109672-64802888%7C1h1%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:926:ca47:6d94:f346 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CF93 43 B
215 B 619ms
346ms Image
image/gif 2600:1f18:1aca:4282:926:ca47:6d94:f346
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1109672&asId=c402dd72-af98-7f3f-5b08-c6cca16a015d&tv=%7Bc:lINjSM,pingTime:-6,time:56,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:56,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B50~0%5D,as:%5B50~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teWpWE0+11%7C12%7C131%7C132%7C141%7C151%7C152%7C161%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g1%7C1g2%7C1g3%7C1h*.1109672-64802888%7C1h1%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:cloudo3.com*&br=c
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:926:ca47:6d94:f346 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CF93 43 B
215 B 613ms
347ms Image
image/gif 2600:1f18:1aca:4282:926:ca47:6d94:f346
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1109672&asId=c402dd72-af98-7f3f-5b08-c6cca16a015d&tv=%7Bc:lINjSV,pingTime:-2,time:65,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2638,beZ:2639,mfA:2641,cmA:2642,inA:2643,inZ:2647,prA:2647,prZ:2656,si:2662,poA:2663,poZ:2681,cmZ:2681,mfZ:2681,loA:2694,loZ:2697,ltA:2703,ltZ:2703%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:65,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B59~0%5D,as:%5B59~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teWpWCF+11%7C12%7C131%7C132%7C141%7C151%7C152%7C161%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g.1109672-64802888%7C1g1%7C1g2%7C1g3%7C1h*.1109672-64802888%7C1h1%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n,idMap:1h*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,sinceFw:40,readyFired:false%7D&br=c
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:926:ca47:6d94:f346 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CC54 22 KB
8 KB 3ms
2ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 252624
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 09:47:58 GMT
expires: Wed, 16 Aug 2023 09:47:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E3B4 22 KB
8 KB 2ms
2ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 252624
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 09:47:58 GMT
expires: Wed, 16 Aug 2023 09:47:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7DA9 22 KB
8 KB 4ms
2ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 252624
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 09:47:58 GMT
expires: Wed, 16 Aug 2023 09:47:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 3D6F 443 B
532 B 296ms
106ms Script
text/javascript 69.174.120.105
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_201557136140&jsTagObjCallback=__tagObject_callback_201557136140&num=6&ctx=11025772&cmp=28270974&plc=341925104&sid=5795532&advid=&adsrv=&unit=300x250&isdvvid=&uid=201557136140&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=104&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=4&fcifrms=23&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=155&eparams=DC4FC%3Dl9EEADTbpTauTau4%3D%40F5%40b%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau4%3D%40F5%40b%5D4%40%3ETar9EEADTbpTauTau5afch222%60gehbb3h4_a%60cc56%60ae3gh2c%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=6.00&callbackName=__verify_callback_201557136140
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.174.120.105 Avondale, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 2579f29902d32040945664436a04ed03798404d8f5f5256e6dc7aed0ba65459e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Aug 2022 07:58:23 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 0
Expires: 08/18/2022 07:58:23

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame E091 36 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 06:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Aug 2023 06:58:38 GMT

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame CC54 36 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 06:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Aug 2023 06:58:38 GMT

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame E3B4 36 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 06:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Aug 2023 06:58:38 GMT

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 7DA9 36 KB
14 KB 5ms
5ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 06:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Aug 2023 06:58:38 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 29BB 43 B
215 B 528ms
345ms Image
image/gif 2600:1f18:1aca:4282:926:ca47:6d94:f346
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1109672&asId=7cc3d24f-1ed1-6da4-9b95-3e0a9f1ad477&tv=%7Bc:lINjUg,time:231,type:e,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:231,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B226~0%5D,as:%5B226~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teWpWCF+11%7C12%7C131%7C132%7C141%7C151%7C152%7C161%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g*.1109672-64802888%7C1g1%7C1h.1109672-64802888%7C1h1%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n,idMap:1g*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:926:ca47:6d94:f346 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CF93 43 B
215 B 480ms
344ms Image
image/gif 2600:1f18:1aca:4282:926:ca47:6d94:f346
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1109672&asId=c402dd72-af98-7f3f-5b08-c6cca16a015d&tv=%7Bc:lINjV0,time:194,type:e,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:194,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B188~0%5D,as:%5B188~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teWpWCF+11%7C12%7C131%7C132%7C141%7C151%7C152%7C161%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g.1109672-64802888%7C1g1%7C1g2%7C1g3%7C1h*.1109672-64802888%7C1h1%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n,idMap:1h*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:926:ca47:6d94:f346 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame B413 106 KB
37 KB 41ms
3ms Script
text/javascript 2404:6800:4004:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: cloudo3.com
URL: https://cloudo3.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
Origin: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 06:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 Aug 2022 06:05:17 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/ Frame B413 8 KB
3 KB 3ms
3ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/omrhp.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNX5G-V84DD-JXpew00bi7gU_VnPhkBybDa1Yb6O2TKPou-37EE&d=CokBAKAmf-CcPw9OLNwvgsBZZgwyel2SomfuIUviT0sWCI2M5uBez8T0YP1vE-Wv-DieYF_t6tcDRy-GIwIGDgTk9_3lmEpPnNDJ8QDa3GaEhSwR5-8J1X3gNWfWaoWY9v0Fq2chctKj8unMDFbkmPKHQN0ZuwplFcVXEdDNY6rFXPJAHd_GvVPTepoSyRMAoCZ_4H00YO9LCnzSBpJg9k0xPWvAbawhwDqfRdVzhS1vlDoSMHWpUkNR70Evkqgl8t8AnbApaYMHW1U_KIBgkT5wclt--1pcTsg304tT5_Nn_Yo59viWdenx1PeP42SXNZdaY2fo8vSTRr-bfUcr6FT8SR_2o8szfm_giTjxBfAEFfzE-Kw6BdTJgMqnb9zxIjlDcm_ETyZgFzpI7UDa_F1Uuct4LtWBVCNsJ_JWLhzhTzO57pVZvEZCYxpLb8pHwunmArvTi4dwbXhZDc3vgTKyjj96-_IEC8dS29T-eiflDniWdxBzCiz30xHDe-037wq3wHXzEgFX1KTxO6g0vrCyuCwCjTDaKsDkys1tiL_-b2GuCBUW01Ldlc5_IAFtb6lhsZMvZf2CysVuapn9SJ4SxHwfbp3B0UCZnfV2XeE9fZwNZpbNVOfwhS-IJUpPgW6Tv9v-aAjkd815b6eZSEZC1Sv4RMwiLJhqx4r_MqAszUwhhSZGvY9JpeSrVf7UrilujXuol434VQyJjipjWwC2uFPweNj4dtw7zbt9yVWAxSOK_WDW7zvSjl7tKV9X6_TwucsxFYtwyWaGcJGVHrNbuvYr1x6fh1toBiYkBc3dEs0QJlr1z8hQ5Xb1iWD_5aGhiSIMFvyi5dWJwROSOIalk2T_2_afLcdG9rGhZzIsWLkRVzAqrkrXz6FCbKXqsxnAq6PVrshGBIGQMndwSjCPmZET2G1SyI_5mAUBfryewwmjnV7Thj0lL3eGyao9bHn0zOt64eixgkMaiek5pLnoaNs3eH3LnKWEsw-HpuavYFTY5DFAcOMbh-3b5tePByE9HLNB0ANpWi1FOZImWGT2BTL-v4o5pIekK2bOwlCFieU8JyNgRQELiglr0rxDZQ1eQlc4phS2tuB-6Jk5fhKdy0DCWDRctJNr3fehQJlds5R-WC5w5kcy_D6G5K8JCKL0oPx067BaEtqsjlfX4jA6FBJvLGVGUdSivrTTjF7ckrr1u7jVx_c05ygWIZzQVDcW6qOBZ33aknmUyqmhGVwDGjsVdRfj1-a3l8ry0GghoBfcUpxhaOji75NI7NT_CxKXNPb0CHDIkLWqdAqvCZN6TbmvnSEJ_7h91APOXHyGlWjNpAbBFAsqkYCCILQHAf0wOZdYP-9_wc2HDt2pYQ2-4AqCbBNSo9mBdxxNR1bt9TnUq9ze9oLWW8fI8Cj2patDKe-zuYiyfAhEJubyNeWQdaeTz-m8JiYSJeZQfH2Ma77bMviLVwv8sHohx3n-1xWew6zLNC85S2Hr5K1J7Upo9qMG0HvasueEvJx6yIB9qd9Wm3glbPfnxoOIMdNgCkJRl1NGCDJTMgZiR4klOE5Jk3vsPWgtQqcz7d80PMqiJwcTvXQ_RZznFyaxjhs0rY8gEEuWJL7JupauByyFnZQ-JU5sYo1V8L8sC2KqeXt3GTllu6BD117vFkLiWjh8BM4_mfDt_AFOZ6JFKOIGqR1G3DNWX1vugLsjilCuXMvXAR-QcH8GbLuoSIu1epaJP9MUPCSbhRnVuE74ra5QDpb1J8OXrIn5dQXZVTU-UpGXmiVC5G5GuxW2F_KelCDA73TCSid2l3z6W6VDoh7C_f6by9d6fe_ha0_eC9AQXmkKOhgMWgQV6QRbHnAMTYLMgr5Fpc71j40qeVchVJEFdelEHJ-ZrNWDOtXK8NC3dfTG2BuaoYvu-_OYQLczNpW0EJqwX5zH5HAq7RVJ4Qrkqx19eGrUvp4BOAnnJ_qtVFuT0yJK_IsANj6MSBR5JV-XJVGCrJ9mMmds-TxmnZdOvzZjQKtLkr0aqVN3t6oWW3WpLBEC8kVUPDRV2Qcc7TuTQEuBuB1EN0N0jquxqtNWhG4kR9OKDVxVe175piwTkFXFEphAn50Clsg0vLvZjCeErJQ_NIF_uQZLmZHFwMfbEcfBdSvAWvbjojuuCd0_-rmkiVD8-Tqp4rvcLtguskNBNo8qo_Y3e0Am176_MsNfgfxhOwtD4-PB-S4tT_n1e2Wjrvwv6N6xyiFB7JDrhbTb2tCvI1EP3mXjG6MpzVc-xlPyImq3__wO5jyHbMrpcLapj5MoicYEaq2eUGPW6DGTX-eymV10UZJaR8pYPt4m57PlPhjiWo8Qt3V5sH6NeQsxf5Lw6aHlwCAPS8bQSPoKtKmvhrNwYqI1HW-38-xOynI11Fhxkb6pB0dHNdjPwSb5Bj1N-D-_fqaxi66elkDhCbYjRx61g891krWdqES_2oqBiXYr4mFGzDCT-V7cwaAgVHfn9cQm79VrNhYjYouSfYVxB39Xz7yY1H44Ek--yNWhN9d9pN4F6eidfvnMp-05hvIDxnPkdspxisDV9Dh02WKACwwjqfaQg0wet_EHWvJ9FBvMsnf0GF5K_SA_zbCGzYCirpD8vQFXO8-7YRPViQAR-RMPO6tLMNjoabOCaHj12CSmJZnBK7OqQ9Hv7Mx7CYeIBILbAUEz1ZE02rUAJ4fluNpN3AGhNfE5Slz7PdsiRIfWJ0gVFmYo3R7GC2vB_6ifEEJYASNCXqSr61kIbKaYXp2dIiHKDKB671FaG5YrvlRFqrDhQ3Za13oG_p2hZgok9K0YAPZaSkrzRuGFNMOuTPxMEj3iyIKjCReE5yPhud_ZuZTzJCNR8M8Bn5VCAl9MDHYppnRlIuc9qRJBQMvoqosAYEP3pN3-M6meom8KFy0nBzeE8ZNTQ_CAGjR_ZdSLyO7CwztuKiqIzF9wEFEBRNa_9LnaWeRsqGHnLSPvO0m0te7tvRjBTx17DNy9jVsrLMOa1moRVPCXWgMaI0el_V4STsiUBIBOBHE2suOygQZlF1tMozhU_a98ViKTZZdC9NQMPZVQlsxUO3oGyiHng5HIvUCISbAV6FsfN_xwoWU24-5PCUKo6VQWa0oja9zAYHLYzVub04OJ8_YyWm9KEyPFd_4DEmp5KGAkRwqYdNce3wgF4M1eVUJUnbp3unqAEamAisapOWjjq35EmwNQKUAeEGn5Blx9Qc_oJp9KN1MXrTpL7QgBt32ZArpfS51Jpif0vxEdSqFykuk01ga-ieZuW38GXKRDs3UxQlRX6IFmZKFn1MRzySRCHOQZVUPVLbpsWBSbSB5Y2C2YBYW1gdh9oEXehHNtE190z4Pm-6q_WM1cBQiiKHC9Snf46E2wB36P-avTF0hNGzaYxqooOP6gppJBLT_4LOOmjyL6HvZMNa9Rcnyfi5Q-Iiu9B483rOsu6ouiTaCzQrfg6mu6bN1OciQa_FgbQq9pIvHmHNBcyt0i5jNc3F9Jo-WD_x2AGFcCoglRtdMqT0XaV6wiS5I1sY8aKQgAEiXkaPWs11cOXWE0CkJNz8sie9LshjQ6qkW5aPVlFOZms26XJhYdYAE&cry=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:49:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:49:34 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame B413 30 KB
12 KB 3ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:38:48 GMT

GET
H/1.1 200 457933 Show response
cmp-as-tm.everesttech.net/ads/cmp/s/2021/ Frame 29BB 9 KB
4 KB 416ms
76ms Script
text/javascript 18.136.144.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-as-tm.everesttech.net/ads/cmp/s/2021/457933?w=160&h=600&s=5&dsp=Google+DCM&clk=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsu5zT66FE19UeJFQHBbd49GuKxgEypyUY2yoIZ0GxhXM3Su5baFVbgOGAEevrVwxsT0gjug8QYge3lJlOSDhmRUDTMPTuFbLahufNEIuALswB3cx5byvbDKYzFn3-FzUhm_nIYm88ur-F6Ehbv5WdAKUoqdUY6TnjWlOJ6CL4KkZynO99IjS8XodHriPzFaopZijo5pw_dbYxA2yQCAkboZzueQ9-Yzyhyo6kZSmTU6956fLfJU_9TIf6-1L1uBR9_L9Bwlr2iiv2uwjTz7jfU8K_floHUPwpDcRDVPIjlBAT_uO5V3JzNpTQoszJ9YPN689nn9Q6UYs6yFSMSxYQQCz0tcoCMqV5fa_WcOujIHowF0bX8MLe2yfec9K9S7w4hFJOdBKtfyEuow4BxJ_oJ-NcQZ4ic2A-JqY7ZCkNE1eOHXwni92YMXnsZ4VGf9nBEFJtcFpyX4C-Qv_dIht9pOcXur1kV-2zEzRkiYCSoshE15KgA0h2nDeexY08GHLg4pHI01xqjh0crmiKCTO5sQa8CMV3Pm0BXl-NvyHOUjK5d44Nkktj43fBJU3hYkYiJkgHgPL3qSAiXaHI8KGdG_NaXohfcHtD43-gQhNoV_9OKQmJjHcv71U8DhOZpyywZR7iyVtsQSdkliQDgnYdVCJ0YRY3bwfbcR2Heqqpbthi98zKDd87gUavuWM-9uqsIbM_8naVGATe-JDim0fdvVFzMuNYxuF03ICcVF4mEEfn6OsZIQVH2t1Gtjf0rCVWYp4xtimDgja9GyL4rYq0VxhY966ceXzz2zk-pR9nPWpVNNbGnWMDwj1ZoRV0UdQ3yNP-fvXUnvhJRDsqqDV9jTpmPKfR9iIQk7SoqBtleiOaQzHiaP9AnScnph2LALliimZ51e6AKAwo-AWRx5rJulSzGtfm-zezxFsGgT24_6TXyxBEJ6GbqSHKed6cTddUhHC6kUWUaOoGHOpIuOoGo5GtPJ-0vUCQhNYk2DcYnp-W0W-r7iwqmS1d0Ul_ojoTH0Mx6DRyDp-RO2xQB4BncKCVWXdac2x_BPQ-lem-TFAGMoxLwK3RtAPLfa0-WsRw-XtAebp8r3zfxQCCM2yaPcL6DoSI4zarllNGmSZJI64Ly7bWNlZxkqr7IJfn6HEsXvZADlyY__Ph_YQpTxxl3-q6D6-knRf0GszqUd-3H5Yb85Hec2ouGNq0-4BdNDuoN4pa8%26sai%3DAMfl-YRa7sTSlDqWs_LlUnixEon-R2_64Dvs2OGcdHAqU6XEC3g3UqChZqRL2QxbBZdbs7xGm8bOYhzVqsHkv_eDBhtxJl4EbBU1ozuhnggtFn29HY_K7MxCONxXxbcIhm2N4jwx9XEQGNGnfdPzzKAg9-TwCHTnoaTASv8HWRHIGDgvDtMUCNy3edQKIQwh_i4Ig972YNkLypvN8kY6Woq1Pi-swfoCyEkOzGA%26sig%3DCg0ArKJSzLkrr4nYZ-puEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&dsp_bu_id=28195199&dsp_pa_id=341376302&dsp_si_id=6958819&dsp_ad_id=534000586&dsp_cr_id=175149797&dp1=341376302&tc_1=cmm9q5m2ohy&tc_2=28195199&tc_3=341376302&tc_4=175149797&tc_5=dcmadvertiserid|8404942$dcmcampaignid|28195199$dcmadid|534000586$dcmrenderingid|175540445$dcmsiteid|6958819$dcmplacementid|341376302$customer|Microsoft$dv360auctionid|
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1109672/64802888/xbbe/creative/adj?p=APEucNVY6F61u6bWGatYAx4Sr-wLBOcCayL3KKFEg4Rxqy3m0ZiU3zc&d=CokBAKAmf-DX8HwDWY9oC-7MAQwYZV6QcSarBpxXfSsDvZ7RG9SIP87xzXbhtLqj5hSx8DaTC3n-4JugnJF0NwLTg9oM1-ssCuPZf4_CvXECYMHZ-8XYQmSA-KzQ7cdRno_seb3he2D89plMznJDGFLgetp01_bRliIwMLWWR_f9l9DZk2utP246c7AS-RMAoCZ_4Di_XlCcLPwJKNHOvmWulK_CaC56ZGQWDwOgQkROxlzJBO0EOTT7lhXNRXGTMh3Un09RWpm1xzm9dZPJlGDWdI02SeSo7cs_HCMDmiju-lUarNwKNiyDJK6fLAMUtlAm-QYaIw2EVXNCiXFk27zUDononJbJLnkCyttBswYS71Czb89NL7LcDvV-z7ffA6cAQfQD5iqI3P1SADv6QPvTuYXLJuZQoFoxTtzTW2JxQ1oSVFkpAJNcYFVKsbKDZUlWHKwvICZO7FV_QpAn2SnQ8c0J_mOf2xzxtsSv2qW9FcO2_PUZTD4LL2WSKb61q8D08gXvG7gx5gXHv8OUyY0bJYXoph-wqLqQz31ksTlsKErdFRot8kvqeWPk5A4U2RIbdx0gM4yukXgJWU4pDCN-FwWMRUSQxFjfSF9i_RPIHWM1-rqkvOzrWwu1b9w2tDjPH1p6GIQBm42x775mb_cPBoGJRiRcsdF_gXrbld1MidqYJyvKnquJ6DsIDPzmXm7yHrg5ggI0ildSVmfOwJlNH6vKjYcm9J2jXYyilIIrv7gymPlwTmc0ilk8SGl0t1FxdWkONP4GgmjdjIBeq7LLUpTexDaE_1vXGC16Vy1ZLzwKCGj78QjnCGZ9OmbyZDR5PTz9lN_C8o2u7M7bDz8ZsZ2-WFjDNrtTtUH_kyE1vQqY_9-x9cGPUC-iZJB6x5QhVDRhBLnWTbnwzR8qs-gklMfk_u01Em8uGG2opHEiaHsjtePsMjshZ2LvohHvakocfGci8wjNqnwTkxNhARUWgocdvg1D6ObH0J5RDDiZMdgZbgckLV5zMLaFe-pbL60VpyS-zBzQbOnGUS0WOaU55qgviK9vB3dUIcRSfXjrN9a_msw_X6Yf07gXiHVEjvggwh8L6GLcniAGFZsb5a6t2GU65pY7AtDKZp503cJei0OI8I26NHLRh4TgT8OW-vKgA1ftSSnUTnvoHlHbvNTLJbfZ6DxRZB3RkKU5UUSYz2ajcLo6XMsV45wKZ3TNd6RRXBrI36wO5h7cf2Ii1ghdovK4YNmV4IqMiQPi46DHpzerwc6Xk1Fpy12pVrzN96xKBXnoB4mP80mmE_0yLfkpnfhzcvEuwFhXf7eRgatKSnkXFWq9XmszHWs4927zF-3w6SrWHKsZxKBt2MKi4S0EVcFIB17MPHXVDB34xmurfGkn_LnyHhtx4tPwvMEmHJYXSpAU5zpyXFktAeKSwFtck8r1iEj3LPxFtMbhFcv71EWX0BmXot4w6STVl4MnPR09jTtbpGn4IFRovHE7IbnYsozTZ5hBmYHnIWbsGtBbyUsBf-7Gol0DScDZDA_OgUjj6TjIuMcYpfruyg70fRXU3RqKA_gEuDLPZiVQiMPsB_CGL6UzE9CLwvhEdxgKG3Yi-96oZoJMrMADsJ6UPUGkbCt3FAQ135ve62LB7PLD-Hk9mYFSAYZVsK3ZCL0DV72BzZA_03Rw8JrAA33wNcSMNfsre6e5bUJvIOmGvyIxuqR4KvR_VLDSAul4_6G1gR9j3UayhG9yvDzxmzpSXf0sigD8KbjNPNN9Jm2hChxWo7kh6_5Zs2laQPP0PD19NNZMuGgOBa7GpjRJEo0Rctt0w3x284G_9KdYYk66grJU9ZK0KEmKhEBJCYYkyBfZfA1owzMgA_GF5qjEZAcoxDqql1G36oiRcxVbr9ima-OfuMUB7NZWJrOw75bcxWAp1HLHawFiRq8jZVxlZ6qMoWjQcDjg1eyxrGgWR6E9fVzeGr1xva8wq4p44M85spbB48MLTh2MiGY7ujGbXmy2wOvsCg3kppO4GKaRRsQdD0mS_NyTZ6ttvCR7-P9leBag3d8c5JZnEp8Vi09Zaq7MrNU0DyRaC8LYOakPhc_SiOPf9BhGOjykY5oLw2FD_YROJL431KiL0De_jOy0d2BYweUdi1q9Ec_uGfJFVEB1FqtXCKiMQYH2iEs25-psO5JNZfvCMUgAa19LZx8iCfewYwiWNbRiXMPx0wszKQvERwQBO9oaGhLF8_2q_PM9hTfalTfK9ejCz9JoEG8Aolbba1q4W0i2SYMh_3Tu4jtAA1ZUSWpuCehAGCfmdUJSskXzl0modS0TGB8cw5lRL4AejsomdNrd0RQlomP-0mBk47oWPiQfBj0eJ1Az5ZkIafZSuGB5nZGcYkzUN2RFtN9V113cL5FAqXI9O5Ncg8pHCTXWRlrLqh8PybHIH9T_UKwlfevC9qsKixo3hIoUFyhxfj08WRLB4nbjA9ELBTmbZMc_nrfqBP8HhCPPbhd9mH7fbUjVZKFC7ihGUr7WgdA8oPSHsRHSsawFOjh9lxWERSoSkpzcQS_-gQeRcibL0OfYVSxiBpXlV1grWtMXA_0i4wuN9EzLg47_vJZno6boqLOv57cNKV0g0G5nnFhMeNu3oKibGQf6LkX8R6Pk0Dvr4tkVeq20GaBXNt0eh0ci04EGtR_ARuxlUzU0gsOVEoeaNKqHj96WWbFw-BOnvgmlKbKz7ZVEOlx09E06mEq-XTJY4CC4sH3HWOj2L7-ZJCZvO75XPul27vU2aYTzJ2iu9CEEz8446nA6z8UT15I3YsKK0sCjRXlzRa_V1ZIF5Z3DZY4zwtWzVq1ciUr_DAut5f1ZcSDn-2aC6G97DJW-qT0KK56F6Hm2In8vnLvA8nhfD7ZvMzurUoZaikuarZ4l15l54Ws5ppCqrYv1S_FKWkmhyuN5wGprasWWAYbSrEk7v-Y_JRBCZf3Wo5B1TXnF-5b7iT9r3sFVPAtkV-O-0I4SrO86tYEfqGh-UEdI5n48iJGPZrNlYHxCAeX0hmw_5HYOjERG37a_f2RlgHQwJH_jJfK4OQMi8F5GOC0IgLr_2ZVSIqlf3hgwl_ppJjEqvyUxffyLc9jPkmr4JgUvF7HCPsOTAzZR9a66hFNZPW1XojywE7ve698EeC_QAM6bwXcK3-09PbJZwHUemUE6zj1SyOkE1ymyZhB1JVMnI9cNew_QXl1oOlJUy9P0n1pXq_608VEOZJyKGBoolnacHDA7uvzI7iCzAF5nAWGqa3UX5Kp1qzbyfvBLe3AZwmPfMzRD_23JV1EcrWf3epoZ2TPOYUdGIXWJfMeD3UyCFJHdEtQdoB9Kl2duHGxTNRCqeLS_GGMfHKxrJMJRQDkisk2jQB7iMZcrpYkWMYWNy0XwxrXd8zE61zW_Yn_6HioMT6EnxewDKCFBbtlx0zfgCHXG1lnus6dNhPJQ_6xII5Acu7Q0_2ZwF35p47s-CJUo2bD76mz2VDUE3xenyuzfA70-cGcJl08nGyj7afwecV9jItxQMP2Tw6mUDOsNms97iJrEdyQM2zpagI-QotgRaSnWiuxOneHiSQ8GRK_eywtXJz9K74ySZwcaKQgAEiXkaIMFGc19cKxHXSE0VTw2pLX9uKjOUXz9biE_LkuvMeKiHb9CYAE&cry=1&ias_dspID=3&ias_campId=1008365748&ias_pubId=pub-7383171830614216&ias_chanId=1&ias_placementId=17749152915&bidurl=https://cloudo3.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gbN_6YchzlBx3CuKJqZKAd&adsafe_url=https%3A%2F%2Fcloudo3.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fd2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fd2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:7cc3d24f-1ed1-6da4-9b95-3e0a9f1ad477,c:lINjQU,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b88cc7b76-gtwnm,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:teWpWCF+11%7C12%7C131%7C132%7C141%7C151%7C152%7C161%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g*.1109672-64802888%7C1g1%7C1h1%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n,idMap:1g*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:24,oid:b2532e61-1f94-11ed-bc2f-3ee93431a39f,v:19.8.343,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.136.144.91 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-144-91.ap-southeast-1.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: dbe1f7e73552941b5d6c02b6065bc6a7a76189ffd13257267d6b4be853485e5b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
content-encoding: gzip
server: AMO-jAds/1.1
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
transfer-encoding: chunked
x-h: cmp-adserver02.adcloud-prod.ap-southeast-1.private
expires: Fri Aug 19 07:58:23 UTC 2022

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 29BB 30 KB
12 KB 3ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1109672/64802888/xbbe/creative/adj?p=APEucNVY6F61u6bWGatYAx4Sr-wLBOcCayL3KKFEg4Rxqy3m0ZiU3zc&d=CokBAKAmf-DX8HwDWY9oC-7MAQwYZV6QcSarBpxXfSsDvZ7RG9SIP87xzXbhtLqj5hSx8DaTC3n-4JugnJF0NwLTg9oM1-ssCuPZf4_CvXECYMHZ-8XYQmSA-KzQ7cdRno_seb3he2D89plMznJDGFLgetp01_bRliIwMLWWR_f9l9DZk2utP246c7AS-RMAoCZ_4Di_XlCcLPwJKNHOvmWulK_CaC56ZGQWDwOgQkROxlzJBO0EOTT7lhXNRXGTMh3Un09RWpm1xzm9dZPJlGDWdI02SeSo7cs_HCMDmiju-lUarNwKNiyDJK6fLAMUtlAm-QYaIw2EVXNCiXFk27zUDononJbJLnkCyttBswYS71Czb89NL7LcDvV-z7ffA6cAQfQD5iqI3P1SADv6QPvTuYXLJuZQoFoxTtzTW2JxQ1oSVFkpAJNcYFVKsbKDZUlWHKwvICZO7FV_QpAn2SnQ8c0J_mOf2xzxtsSv2qW9FcO2_PUZTD4LL2WSKb61q8D08gXvG7gx5gXHv8OUyY0bJYXoph-wqLqQz31ksTlsKErdFRot8kvqeWPk5A4U2RIbdx0gM4yukXgJWU4pDCN-FwWMRUSQxFjfSF9i_RPIHWM1-rqkvOzrWwu1b9w2tDjPH1p6GIQBm42x775mb_cPBoGJRiRcsdF_gXrbld1MidqYJyvKnquJ6DsIDPzmXm7yHrg5ggI0ildSVmfOwJlNH6vKjYcm9J2jXYyilIIrv7gymPlwTmc0ilk8SGl0t1FxdWkONP4GgmjdjIBeq7LLUpTexDaE_1vXGC16Vy1ZLzwKCGj78QjnCGZ9OmbyZDR5PTz9lN_C8o2u7M7bDz8ZsZ2-WFjDNrtTtUH_kyE1vQqY_9-x9cGPUC-iZJB6x5QhVDRhBLnWTbnwzR8qs-gklMfk_u01Em8uGG2opHEiaHsjtePsMjshZ2LvohHvakocfGci8wjNqnwTkxNhARUWgocdvg1D6ObH0J5RDDiZMdgZbgckLV5zMLaFe-pbL60VpyS-zBzQbOnGUS0WOaU55qgviK9vB3dUIcRSfXjrN9a_msw_X6Yf07gXiHVEjvggwh8L6GLcniAGFZsb5a6t2GU65pY7AtDKZp503cJei0OI8I26NHLRh4TgT8OW-vKgA1ftSSnUTnvoHlHbvNTLJbfZ6DxRZB3RkKU5UUSYz2ajcLo6XMsV45wKZ3TNd6RRXBrI36wO5h7cf2Ii1ghdovK4YNmV4IqMiQPi46DHpzerwc6Xk1Fpy12pVrzN96xKBXnoB4mP80mmE_0yLfkpnfhzcvEuwFhXf7eRgatKSnkXFWq9XmszHWs4927zF-3w6SrWHKsZxKBt2MKi4S0EVcFIB17MPHXVDB34xmurfGkn_LnyHhtx4tPwvMEmHJYXSpAU5zpyXFktAeKSwFtck8r1iEj3LPxFtMbhFcv71EWX0BmXot4w6STVl4MnPR09jTtbpGn4IFRovHE7IbnYsozTZ5hBmYHnIWbsGtBbyUsBf-7Gol0DScDZDA_OgUjj6TjIuMcYpfruyg70fRXU3RqKA_gEuDLPZiVQiMPsB_CGL6UzE9CLwvhEdxgKG3Yi-96oZoJMrMADsJ6UPUGkbCt3FAQ135ve62LB7PLD-Hk9mYFSAYZVsK3ZCL0DV72BzZA_03Rw8JrAA33wNcSMNfsre6e5bUJvIOmGvyIxuqR4KvR_VLDSAul4_6G1gR9j3UayhG9yvDzxmzpSXf0sigD8KbjNPNN9Jm2hChxWo7kh6_5Zs2laQPP0PD19NNZMuGgOBa7GpjRJEo0Rctt0w3x284G_9KdYYk66grJU9ZK0KEmKhEBJCYYkyBfZfA1owzMgA_GF5qjEZAcoxDqql1G36oiRcxVbr9ima-OfuMUB7NZWJrOw75bcxWAp1HLHawFiRq8jZVxlZ6qMoWjQcDjg1eyxrGgWR6E9fVzeGr1xva8wq4p44M85spbB48MLTh2MiGY7ujGbXmy2wOvsCg3kppO4GKaRRsQdD0mS_NyTZ6ttvCR7-P9leBag3d8c5JZnEp8Vi09Zaq7MrNU0DyRaC8LYOakPhc_SiOPf9BhGOjykY5oLw2FD_YROJL431KiL0De_jOy0d2BYweUdi1q9Ec_uGfJFVEB1FqtXCKiMQYH2iEs25-psO5JNZfvCMUgAa19LZx8iCfewYwiWNbRiXMPx0wszKQvERwQBO9oaGhLF8_2q_PM9hTfalTfK9ejCz9JoEG8Aolbba1q4W0i2SYMh_3Tu4jtAA1ZUSWpuCehAGCfmdUJSskXzl0modS0TGB8cw5lRL4AejsomdNrd0RQlomP-0mBk47oWPiQfBj0eJ1Az5ZkIafZSuGB5nZGcYkzUN2RFtN9V113cL5FAqXI9O5Ncg8pHCTXWRlrLqh8PybHIH9T_UKwlfevC9qsKixo3hIoUFyhxfj08WRLB4nbjA9ELBTmbZMc_nrfqBP8HhCPPbhd9mH7fbUjVZKFC7ihGUr7WgdA8oPSHsRHSsawFOjh9lxWERSoSkpzcQS_-gQeRcibL0OfYVSxiBpXlV1grWtMXA_0i4wuN9EzLg47_vJZno6boqLOv57cNKV0g0G5nnFhMeNu3oKibGQf6LkX8R6Pk0Dvr4tkVeq20GaBXNt0eh0ci04EGtR_ARuxlUzU0gsOVEoeaNKqHj96WWbFw-BOnvgmlKbKz7ZVEOlx09E06mEq-XTJY4CC4sH3HWOj2L7-ZJCZvO75XPul27vU2aYTzJ2iu9CEEz8446nA6z8UT15I3YsKK0sCjRXlzRa_V1ZIF5Z3DZY4zwtWzVq1ciUr_DAut5f1ZcSDn-2aC6G97DJW-qT0KK56F6Hm2In8vnLvA8nhfD7ZvMzurUoZaikuarZ4l15l54Ws5ppCqrYv1S_FKWkmhyuN5wGprasWWAYbSrEk7v-Y_JRBCZf3Wo5B1TXnF-5b7iT9r3sFVPAtkV-O-0I4SrO86tYEfqGh-UEdI5n48iJGPZrNlYHxCAeX0hmw_5HYOjERG37a_f2RlgHQwJH_jJfK4OQMi8F5GOC0IgLr_2ZVSIqlf3hgwl_ppJjEqvyUxffyLc9jPkmr4JgUvF7HCPsOTAzZR9a66hFNZPW1XojywE7ve698EeC_QAM6bwXcK3-09PbJZwHUemUE6zj1SyOkE1ymyZhB1JVMnI9cNew_QXl1oOlJUy9P0n1pXq_608VEOZJyKGBoolnacHDA7uvzI7iCzAF5nAWGqa3UX5Kp1qzbyfvBLe3AZwmPfMzRD_23JV1EcrWf3epoZ2TPOYUdGIXWJfMeD3UyCFJHdEtQdoB9Kl2duHGxTNRCqeLS_GGMfHKxrJMJRQDkisk2jQB7iMZcrpYkWMYWNy0XwxrXd8zE61zW_Yn_6HioMT6EnxewDKCFBbtlx0zfgCHXG1lnus6dNhPJQ_6xII5Acu7Q0_2ZwF35p47s-CJUo2bD76mz2VDUE3xenyuzfA70-cGcJl08nGyj7afwecV9jItxQMP2Tw6mUDOsNms97iJrEdyQM2zpagI-QotgRaSnWiuxOneHiSQ8GRK_eywtXJz9K74ySZwcaKQgAEiXkaIMFGc19cKxHXSE0VTw2pLX9uKjOUXz9biE_LkuvMeKiHb9CYAE&cry=1&ias_dspID=3&ias_campId=1008365748&ias_pubId=pub-7383171830614216&ias_chanId=1&ias_placementId=17749152915&bidurl=https://cloudo3.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gbN_6YchzlBx3CuKJqZKAd&adsafe_url=https%3A%2F%2Fcloudo3.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fd2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fd2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:7cc3d24f-1ed1-6da4-9b95-3e0a9f1ad477,c:lINjQU,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b88cc7b76-gtwnm,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:teWpWCF+11%7C12%7C131%7C132%7C141%7C151%7C152%7C161%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g*.1109672-64802888%7C1g1%7C1h1%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n,idMap:1g*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:24,oid:b2532e61-1f94-11ed-bc2f-3ee93431a39f,v:19.8.343,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:38:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/ Frame 29BB 8 KB
3 KB 3ms
3ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:49:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:49:34 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 29BB 0
26 B 38ms
38ms Ping
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssMYxSQ6T_QkeZdh9MrKQl3JvknCAeTg50xAfI2exgpQUETifagWaz-uhXx9Yy6fIGZXyZ_Kar2Bmy0vVj796UnhqKusY0sORfe7cNtr0s51thDePLd2FhOLtuNjFjhsm9JQIlCfKxiFoNReVkCq_dnWMY&sai=AMfl-YQ_rgnU3w-u0xaPQN83Xhovi8B9SYLX1h_zuyEr0h0-lErj8P3b-UClaQrbRweqFTTj8nZikE5c44wLxl5s3Xx6c1_qmCjeAohy5mX385RZ5WTwXr2rcm_CjvGf&sig=Cg0ArKJSzOE1fpvUbUhbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220817.13109&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Aug 2022 07:58:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200 457933 Show response
cmp-as-tm.everesttech.net/ads/cmp/s/2021/ Frame CF93 9 KB
4 KB 384ms
77ms Script
text/javascript 18.136.144.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-as-tm.everesttech.net/ads/cmp/s/2021/457933?w=160&h=600&s=5&dsp=Google+DCM&clk=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuvpEVPWSCafncHCgkVqJJDAhsGGaCrF2TnVdAv_0KjaOgZ5ygn1HhzRWhGyFtxkJZKn4nssFsVP6AqhyRzKKXsx8m-0wdgkfQFUlK7aSmyC0S4beYFkt8aBFTjwfY11xJFkgXyUFgGCbC4AMgAe5cPRIlxAUipA-vDY9XoEtaeoHGDJJaJMQw12EMsm791caXc6BNPhaQAt4MEuDrWqY5drrMD6EmwoGUQ3xMYju5W2XXUHCYXyMPHHOvg-yrYzhrTrFh-EPSmsUA1fUtD3NmsF6Vb4-9eS-R7XP0RgoVZL0XV3aSwdXAS8M5q4ZTLFlupVkF97PxSdcpaiqgoy_9MmcmfSa2rxD0-xRVZrhiykRw6y_fhTNJuXpltN6J6iR6dF0lNzGag6prkbg4fZdB01Pdkxhh9GK8tW8nzI0etczC6w49RH4gLG9k-qirHev6HzGl1GyfizEowJVtimJWu7Ys8_q0TSW3eOilSKM-4sJA20UX3J3c0b-RLV8dyWGeU2oMCauxNQBS-YrsPlMfBy2_PCGQrjGu__KvQcgatpyReVlqXOSl3Y3uySpb6mWQNSaMP-qI-PFCGJuvlyFnY2PoN1KK7gc_lHyNi3Z7PkMkElOouPuBOC92MfZxRxaOOW-pI0PkZAoRX2qu1s59ykeH4jsCFHMXImtNfmPNyOT17ZTtHaNqkSKv5X5bqY1szjF6sXN0aaEroPJyKQiNozMnwIcTEjtsbNhyhG6arI9sI0uPGDneJ_ol481UzCHnY37eCXPvRjHsp40mEfqhEq14uPQ8taf5cDAp5MjiURjZomoHt_boEvt0vIMbA_AhyFgbHEwy0r1XwPrbWvuGqz5EYP1kPl6ofvn4dXrKKId-E3R8aPnuNsFGx4_rakEdo7kK0T1eUfAAvWeondklu7gTaCiO574tEzMq2PgguCjraz4a5tqi9rAkWbOKVj5Kwe2NxHR0INmzJX5Uxb6kn1E_z_2iHd8_c6xjlh7oybYz0Dpx-vLKc3sBIVYV_wwLWowUp7LhDHt-nPAxG_gkrfskk0n22Ndg6eoFbKcprtTo54bIIP6EWPfqy-fRsYQD2mcvZJAzDq2l59h2WHPstqS3Olk1Xyfut1cGuDlXfTG21ZQ8KheWVhrsKu7a27VOrnAl9_xRPk4uwr0IuYL3afNoxCpJNX7vaqd5YSFbLG5aOMVMOO2vLmuKGl0X2fNZzdLXqTsEO%26sai%3DAMfl-YRfesTWX_bR-y98Ru-t31V5KCi8M2XXhuRWOUqlqwRLisMbp59kOJOBO2bK_BE-n5zheT9AS9NtFhcPIOWEz7I_SQUawQvcYIz3y8FqhvF-zor2EPS8RRmBHPFPyJQexYnJx7r24WKH3oJW-fctCNHD7xNvYJD6Mw6u6T7fuPNM9W-Nit-OCmAKF8SfwiSJsU5JailJm_c_dqEu9MSWHjwvn_wov0wGD7k%26sig%3DCg0ArKJSzPekn0F5kSKTEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&dsp_bu_id=28195199&dsp_pa_id=341376302&dsp_si_id=6958819&dsp_ad_id=534000586&dsp_cr_id=175149797&dp1=341376302&tc_1=cmm9q5m2ohy&tc_2=28195199&tc_3=341376302&tc_4=175149797&tc_5=dcmadvertiserid|8404942$dcmcampaignid|28195199$dcmadid|534000586$dcmrenderingid|175540445$dcmsiteid|6958819$dcmplacementid|341376302$customer|Microsoft$dv360auctionid|
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1109672/64802888/xbbe/creative/adj?p=APEucNVY6F61u6bWGatYAx4Sr-wLBOcCayL3KKFEg4Rxqy3m0ZiU3zc&d=CokBAKAmf-DVVM8WTxn9gXbvVWK0dUg_xuYiERPQScy0VpvIEH2VNYPrQwDSkLeb4F-F40a26aPSJ53jsGDFZfKhrGyqeto8s7qO_KUxR4FF_fq511jNzFYNUIOZG0NCrSKZM5JiRhFyfNDESk9s15j4_x1DBIzEIzuoWFCXWXxP12dkn0EQPebwJvESiRQAoCZ_4CDPi2SHqXT6QOSNbk8vkI0IJTZVH4ys_Zpa0ilS5oG-sXilws_BXc26BKDjZ13bvLsxoxOUWuHbNtwwlNluw6Xr83N-qt-Qep92qr5rrK_6YlBWD8cIgo8CrTxLER3wOyWST1F67_PXdQZsJPnzNw39Zu2agAIvuEV0GaZsdrgg4wlWPEBg7EmU71O1OS_OVDep64taFehXq09duaLIPULzmkf1hBc-agqqT6JqKX0jJbMQrXI9YNHNUdiV7i4Mq8xhc8gpD8KsQIsWzWihOQhcE9nOGpD6sHV1JEOaCqzmdxqaA_azq48wpwYekvgABt_mB0EsPzUAxnhLWocfInYUe1sMueLHxN3gMErwZ8uTar5AMjAq4y83eJ5sNLo2mUNhgb2PCmzQhfcYgxSInp4ihefc3dZmP-dbSR0XBynvOiw6BuIfcS2ZQ0aVNBih_Fi2rt7aCaeMbugVkCBK4kPjy0sPRHndArHKduIPZKZhp-1frI6DK9a4lVBc8W6F2q7Ext-yzDbDXUyqT7l75wPsbJWIGWSFIt2_uORMSx015HR3cKyKihHLRDNtPqEJ5bwVC3BCschAjeXyrzIAjBQFo8P9ro7_yxAhCVqoQCOUfA_KJrAxSFKR9tD3t1g6LlhBBqnfHLNhyh5neCzmB81er0dhqNt3ZIjet66mw8R12yLBWGaC9TMSbo703_ECOx4skbHED1Ug103470LLnYg9Ch7LiNPsy3xXh7nm_NWgn3BSTd6jqbXMHcIQQEqYxL18JvqkLYe_SwpzyENQ5osjJwuLLxo06SdoOOIqGhu0rhlIFOtUQe1RqeUGTqta7P1z9YKyydHVeSdkgl23jufx1QGCt0wN24mQCOM7i8BDfQTfhoQJtYrIeQ2nqaaJ7l-wA34uWNGY33wv9REsZ2wtsUphmpYpb9l1HSx9--THcR3ixJ0ialRnBodJmqQAmym3Wq7MFwL5OymBIONBW1vYSTTd1HJkOiYpMZ6NngHpSqEcV5AD2H4xeDPRSmUMdti5H5lD7gi3wML9W3fsC8DCVl9ZUgyVsQzLTWJ9nboJb2VHjndLfvjKsx401PBJp3m9242rYKTHzTjPncmk2BrydqZ_SM7P0fBOBOKzQY8bp2IdIv2inK48uhlUjr525VQekIPyMMPcNleRZriN8IQ2PIQWe37pOQRZuCyAGBx30I1EgLaClYEqXlwfmtODMiQRdGpj9kPVnyEDTNvvpBtArONP7KkuShFbpCEpTA_DffoZVKyqxKrZZi1xrGZPUhTK_VDTkSrQskdUooMcsU3mGJG3F0SlFBaA8UeFBmFCObdzsOMKo_EO9OcdrV9yGVADt1CgCLcnXyKkzMj905VemyXWbgT7E5CbIBEaA8xFz4fLV2hto6jFYep_EqS2WRrw0OtfGKLSJsP5JbKmsJqvo4U8hB7H-itd0hrumYfjctBzZKN6wjv993JBLZCphPudthKaWeNxtLL1D0boe9nIX8gPeY0Hkhg8M8WWNh-BYS0gG2mhOhAZeGZQj-WB7x225CYVqARMB5njir12hOATIwQsPanAqM1MFJrFwWLon61mcn3ICUjShlD-5sXdwUFRNZdA6DXw7FrEtYOEy8vZTHwlbW-5KZfdGNhE0Gh5raZgbshUczZQddZuCYmkm7LuQhjIdWRWqGLGSXku8bcwUGXIQd1puGDN3QGETODkPH5l1tzknsFBR6EoMXYuElFZ_f2b2zgjTK8ZIxfrK2CObFTjrBXFGU2SUWccuX1QiRqMjxy4NrAYOpIQAn4GL9rU1IxFKhjRAbxYR14tBrDn8r3BlzpRL1hB5KdQrqFd2iIpX4YDK_cB-xvctn1v-SGVgDVahWjQNunhJXt0AZ7NtpP3yqdOu1Toc-XqXcowLgzCK6kYG8a0cF9oKRK2-ZCZFK_iY0ekdyxxE8lDQU5Y1_SQCNABEwYjvE42l1MS_0_nLyhCyt0FEUha0wBjMbIR7L33ogMumUbk0CHZqfi9dPwWleOFgEo_A6ICFpacdopGQl8yZn-c8cb3NIVYet5B-2NPRvpU3h4l8_fyLctY4a-My9si26cJS8veQHxk7j3fNdpO9j4pZ3bxfpJ8senqtd4xg_3ZQGsU4ov8bEeFFuOVeLi05g5uglYwxfX7xNZ9r_d-sCzhJWtd6JL6kYvyaIBHypXGaSpCBXM6nz6b975n8TgRqy3JDYxa1CYJhxBv9OkccLutdnqa21HWdPL6UlHJ5x6JgIIdT717leeVA08Bn7dVALp4dTJNuGeuppl08F7ROWoLaRMqWCBEWP8JmKczUufasB9XKJSQ0as_hnZQ_BBYCJLsaPtx0iKkmACEahL289EXazYKitwgyapfbpZ6Gv3WhV1GtUSXeX89-qRnQQKz4XWlu5UoXaOIcp4dLfFB-SEkAs-CwmN0pRItWfodIZM28kN4i-dSrCkNoV_KpsBTvjBMPQuijZ_DDkDO-cXMsB0-JLqxjb6pa_st2rKd6lW4KCDQYwY3dWTiZniPZG3rTiCy4GMyuvx98IlFxYdTQ3jFVG9h4ORGgSpBWlH9fbHoTLMdmeJ8JkEqHKdS-CpR9wYEJq460d64Jf1CQ91FzuwFtvN4WSqAXtjjUlCmTKfrcs738096aahhx5EIfJ5OlgZbqEz30vx6VJ9Lt9IBZN-6Jmtd45o5MAoqweKydaKKQE4MmCZSxmH0wpAZa9GfJLmaGPFqK00cPbI0rPvSZqqQjsYEnv4jntNcGfcnQvzmOp1vGyb6CCTmtvoibWBD8siNSt0X-ojhzTW_r40TglFA7kU8tou9OaMjkt6l94cfN5Zxel6jYczTP7mNd5u69Me801lO0RMsJMUIZANRn9AMTJGyLaDqVeWRSGI38eY5bydMEdexVc8enWQUntirmlfCWbCJUNhGcbudcpxz-uy5cwhz6K2_V3Hq9bEuylr4Qq6eltkz9699YurfcImu_P5Qd4xHhboRaKjmWBjrgVzIOO6FGC_4kxpoyPrhG1MoP2xqU9rDwBxazX9mYgi7DSc69JL_MpqDnQwyLv4N69KA-nZh1d3AA-sURlb2_B-Uf8BChURFvHB6IngY5xGTlfP_d2gpk2kueHfhHpJa4rkRPSTq8EUjSINkNtJB1Bp_xGTksmooESIzsX6vONkl-7CeqATBJLuko3YE-cXnMIQR2dEATSBnlusj5C1DQ9xFIfJ3l1PipcbOceksf908f_epNut63X3r5HurCQrCR-vMmXn0xpA5HhYaGvVf5cv4Jlu4UqMKUkiRT_ULHje1q5he9IuLgfeNRb4WSEAcrf-ZE0yLNmGkyShufIeCqFbLeM2uNzqW0ABMsODPMAhc_nTldH8drCUQ1ZepEf213mXN4wLcOlXkBBCFafKEdtT-v0y9zr_qgzvGtvx9GikIABIl5Gj_-BVnBDVBso6fXqGtcPPM2sPx395hwaWLGE8z1W_bIRIDyGAB&cry=1&ias_dspID=3&ias_campId=1008365748&ias_pubId=pub-7383171830614216&ias_chanId=1&ias_placementId=17749152915&bidurl=https://cloudo3.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gaj3TMv75giQIPqhYXvF5S&adsafe_url=https%3A%2F%2Fcloudo3.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fd2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fd2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c402dd72-af98-7f3f-5b08-c6cca16a015d,c:lINjSf,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b88cc7b76-v5ql2,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:teWpWE0+11%7C12%7C131%7C132%7C141%7C151%7C152%7C161%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g1%7C1g2%7C1g3%7C1h*.1109672-64802888%7C1h1%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n,idMap:1h*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:24,oid:b254dbee-1f94-11ed-8ad3-a67c96319d07,v:19.8.343,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.136.144.91 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-144-91.ap-southeast-1.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: f6c43537aadac54607acd34b685c32b44ee1c9e6d9260fa905288c3c530e23a7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
content-encoding: gzip
server: AMO-jAds/1.1
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
transfer-encoding: chunked
x-h: cmp-adserver02.adcloud-prod.ap-southeast-1.private
expires: Fri Aug 19 07:58:23 UTC 2022

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame CF93 30 KB
12 KB 4ms
3ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1109672/64802888/xbbe/creative/adj?p=APEucNVY6F61u6bWGatYAx4Sr-wLBOcCayL3KKFEg4Rxqy3m0ZiU3zc&d=CokBAKAmf-DVVM8WTxn9gXbvVWK0dUg_xuYiERPQScy0VpvIEH2VNYPrQwDSkLeb4F-F40a26aPSJ53jsGDFZfKhrGyqeto8s7qO_KUxR4FF_fq511jNzFYNUIOZG0NCrSKZM5JiRhFyfNDESk9s15j4_x1DBIzEIzuoWFCXWXxP12dkn0EQPebwJvESiRQAoCZ_4CDPi2SHqXT6QOSNbk8vkI0IJTZVH4ys_Zpa0ilS5oG-sXilws_BXc26BKDjZ13bvLsxoxOUWuHbNtwwlNluw6Xr83N-qt-Qep92qr5rrK_6YlBWD8cIgo8CrTxLER3wOyWST1F67_PXdQZsJPnzNw39Zu2agAIvuEV0GaZsdrgg4wlWPEBg7EmU71O1OS_OVDep64taFehXq09duaLIPULzmkf1hBc-agqqT6JqKX0jJbMQrXI9YNHNUdiV7i4Mq8xhc8gpD8KsQIsWzWihOQhcE9nOGpD6sHV1JEOaCqzmdxqaA_azq48wpwYekvgABt_mB0EsPzUAxnhLWocfInYUe1sMueLHxN3gMErwZ8uTar5AMjAq4y83eJ5sNLo2mUNhgb2PCmzQhfcYgxSInp4ihefc3dZmP-dbSR0XBynvOiw6BuIfcS2ZQ0aVNBih_Fi2rt7aCaeMbugVkCBK4kPjy0sPRHndArHKduIPZKZhp-1frI6DK9a4lVBc8W6F2q7Ext-yzDbDXUyqT7l75wPsbJWIGWSFIt2_uORMSx015HR3cKyKihHLRDNtPqEJ5bwVC3BCschAjeXyrzIAjBQFo8P9ro7_yxAhCVqoQCOUfA_KJrAxSFKR9tD3t1g6LlhBBqnfHLNhyh5neCzmB81er0dhqNt3ZIjet66mw8R12yLBWGaC9TMSbo703_ECOx4skbHED1Ug103470LLnYg9Ch7LiNPsy3xXh7nm_NWgn3BSTd6jqbXMHcIQQEqYxL18JvqkLYe_SwpzyENQ5osjJwuLLxo06SdoOOIqGhu0rhlIFOtUQe1RqeUGTqta7P1z9YKyydHVeSdkgl23jufx1QGCt0wN24mQCOM7i8BDfQTfhoQJtYrIeQ2nqaaJ7l-wA34uWNGY33wv9REsZ2wtsUphmpYpb9l1HSx9--THcR3ixJ0ialRnBodJmqQAmym3Wq7MFwL5OymBIONBW1vYSTTd1HJkOiYpMZ6NngHpSqEcV5AD2H4xeDPRSmUMdti5H5lD7gi3wML9W3fsC8DCVl9ZUgyVsQzLTWJ9nboJb2VHjndLfvjKsx401PBJp3m9242rYKTHzTjPncmk2BrydqZ_SM7P0fBOBOKzQY8bp2IdIv2inK48uhlUjr525VQekIPyMMPcNleRZriN8IQ2PIQWe37pOQRZuCyAGBx30I1EgLaClYEqXlwfmtODMiQRdGpj9kPVnyEDTNvvpBtArONP7KkuShFbpCEpTA_DffoZVKyqxKrZZi1xrGZPUhTK_VDTkSrQskdUooMcsU3mGJG3F0SlFBaA8UeFBmFCObdzsOMKo_EO9OcdrV9yGVADt1CgCLcnXyKkzMj905VemyXWbgT7E5CbIBEaA8xFz4fLV2hto6jFYep_EqS2WRrw0OtfGKLSJsP5JbKmsJqvo4U8hB7H-itd0hrumYfjctBzZKN6wjv993JBLZCphPudthKaWeNxtLL1D0boe9nIX8gPeY0Hkhg8M8WWNh-BYS0gG2mhOhAZeGZQj-WB7x225CYVqARMB5njir12hOATIwQsPanAqM1MFJrFwWLon61mcn3ICUjShlD-5sXdwUFRNZdA6DXw7FrEtYOEy8vZTHwlbW-5KZfdGNhE0Gh5raZgbshUczZQddZuCYmkm7LuQhjIdWRWqGLGSXku8bcwUGXIQd1puGDN3QGETODkPH5l1tzknsFBR6EoMXYuElFZ_f2b2zgjTK8ZIxfrK2CObFTjrBXFGU2SUWccuX1QiRqMjxy4NrAYOpIQAn4GL9rU1IxFKhjRAbxYR14tBrDn8r3BlzpRL1hB5KdQrqFd2iIpX4YDK_cB-xvctn1v-SGVgDVahWjQNunhJXt0AZ7NtpP3yqdOu1Toc-XqXcowLgzCK6kYG8a0cF9oKRK2-ZCZFK_iY0ekdyxxE8lDQU5Y1_SQCNABEwYjvE42l1MS_0_nLyhCyt0FEUha0wBjMbIR7L33ogMumUbk0CHZqfi9dPwWleOFgEo_A6ICFpacdopGQl8yZn-c8cb3NIVYet5B-2NPRvpU3h4l8_fyLctY4a-My9si26cJS8veQHxk7j3fNdpO9j4pZ3bxfpJ8senqtd4xg_3ZQGsU4ov8bEeFFuOVeLi05g5uglYwxfX7xNZ9r_d-sCzhJWtd6JL6kYvyaIBHypXGaSpCBXM6nz6b975n8TgRqy3JDYxa1CYJhxBv9OkccLutdnqa21HWdPL6UlHJ5x6JgIIdT717leeVA08Bn7dVALp4dTJNuGeuppl08F7ROWoLaRMqWCBEWP8JmKczUufasB9XKJSQ0as_hnZQ_BBYCJLsaPtx0iKkmACEahL289EXazYKitwgyapfbpZ6Gv3WhV1GtUSXeX89-qRnQQKz4XWlu5UoXaOIcp4dLfFB-SEkAs-CwmN0pRItWfodIZM28kN4i-dSrCkNoV_KpsBTvjBMPQuijZ_DDkDO-cXMsB0-JLqxjb6pa_st2rKd6lW4KCDQYwY3dWTiZniPZG3rTiCy4GMyuvx98IlFxYdTQ3jFVG9h4ORGgSpBWlH9fbHoTLMdmeJ8JkEqHKdS-CpR9wYEJq460d64Jf1CQ91FzuwFtvN4WSqAXtjjUlCmTKfrcs738096aahhx5EIfJ5OlgZbqEz30vx6VJ9Lt9IBZN-6Jmtd45o5MAoqweKydaKKQE4MmCZSxmH0wpAZa9GfJLmaGPFqK00cPbI0rPvSZqqQjsYEnv4jntNcGfcnQvzmOp1vGyb6CCTmtvoibWBD8siNSt0X-ojhzTW_r40TglFA7kU8tou9OaMjkt6l94cfN5Zxel6jYczTP7mNd5u69Me801lO0RMsJMUIZANRn9AMTJGyLaDqVeWRSGI38eY5bydMEdexVc8enWQUntirmlfCWbCJUNhGcbudcpxz-uy5cwhz6K2_V3Hq9bEuylr4Qq6eltkz9699YurfcImu_P5Qd4xHhboRaKjmWBjrgVzIOO6FGC_4kxpoyPrhG1MoP2xqU9rDwBxazX9mYgi7DSc69JL_MpqDnQwyLv4N69KA-nZh1d3AA-sURlb2_B-Uf8BChURFvHB6IngY5xGTlfP_d2gpk2kueHfhHpJa4rkRPSTq8EUjSINkNtJB1Bp_xGTksmooESIzsX6vONkl-7CeqATBJLuko3YE-cXnMIQR2dEATSBnlusj5C1DQ9xFIfJ3l1PipcbOceksf908f_epNut63X3r5HurCQrCR-vMmXn0xpA5HhYaGvVf5cv4Jlu4UqMKUkiRT_ULHje1q5he9IuLgfeNRb4WSEAcrf-ZE0yLNmGkyShufIeCqFbLeM2uNzqW0ABMsODPMAhc_nTldH8drCUQ1ZepEf213mXN4wLcOlXkBBCFafKEdtT-v0y9zr_qgzvGtvx9GikIABIl5Gj_-BVnBDVBso6fXqGtcPPM2sPx395hwaWLGE8z1W_bIRIDyGAB&cry=1&ias_dspID=3&ias_campId=1008365748&ias_pubId=pub-7383171830614216&ias_chanId=1&ias_placementId=17749152915&bidurl=https://cloudo3.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gaj3TMv75giQIPqhYXvF5S&adsafe_url=https%3A%2F%2Fcloudo3.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fd2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fd2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c402dd72-af98-7f3f-5b08-c6cca16a015d,c:lINjSf,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b88cc7b76-v5ql2,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:teWpWE0+11%7C12%7C131%7C132%7C141%7C151%7C152%7C161%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g1%7C1g2%7C1g3%7C1h*.1109672-64802888%7C1h1%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n,idMap:1h*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:24,oid:b254dbee-1f94-11ed-8ad3-a67c96319d07,v:19.8.343,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:38:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/ Frame CF93 8 KB
3 KB 4ms
4ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1109672/64802888/xbbe/creative/adj?p=APEucNVY6F61u6bWGatYAx4Sr-wLBOcCayL3KKFEg4Rxqy3m0ZiU3zc&d=CokBAKAmf-DVVM8WTxn9gXbvVWK0dUg_xuYiERPQScy0VpvIEH2VNYPrQwDSkLeb4F-F40a26aPSJ53jsGDFZfKhrGyqeto8s7qO_KUxR4FF_fq511jNzFYNUIOZG0NCrSKZM5JiRhFyfNDESk9s15j4_x1DBIzEIzuoWFCXWXxP12dkn0EQPebwJvESiRQAoCZ_4CDPi2SHqXT6QOSNbk8vkI0IJTZVH4ys_Zpa0ilS5oG-sXilws_BXc26BKDjZ13bvLsxoxOUWuHbNtwwlNluw6Xr83N-qt-Qep92qr5rrK_6YlBWD8cIgo8CrTxLER3wOyWST1F67_PXdQZsJPnzNw39Zu2agAIvuEV0GaZsdrgg4wlWPEBg7EmU71O1OS_OVDep64taFehXq09duaLIPULzmkf1hBc-agqqT6JqKX0jJbMQrXI9YNHNUdiV7i4Mq8xhc8gpD8KsQIsWzWihOQhcE9nOGpD6sHV1JEOaCqzmdxqaA_azq48wpwYekvgABt_mB0EsPzUAxnhLWocfInYUe1sMueLHxN3gMErwZ8uTar5AMjAq4y83eJ5sNLo2mUNhgb2PCmzQhfcYgxSInp4ihefc3dZmP-dbSR0XBynvOiw6BuIfcS2ZQ0aVNBih_Fi2rt7aCaeMbugVkCBK4kPjy0sPRHndArHKduIPZKZhp-1frI6DK9a4lVBc8W6F2q7Ext-yzDbDXUyqT7l75wPsbJWIGWSFIt2_uORMSx015HR3cKyKihHLRDNtPqEJ5bwVC3BCschAjeXyrzIAjBQFo8P9ro7_yxAhCVqoQCOUfA_KJrAxSFKR9tD3t1g6LlhBBqnfHLNhyh5neCzmB81er0dhqNt3ZIjet66mw8R12yLBWGaC9TMSbo703_ECOx4skbHED1Ug103470LLnYg9Ch7LiNPsy3xXh7nm_NWgn3BSTd6jqbXMHcIQQEqYxL18JvqkLYe_SwpzyENQ5osjJwuLLxo06SdoOOIqGhu0rhlIFOtUQe1RqeUGTqta7P1z9YKyydHVeSdkgl23jufx1QGCt0wN24mQCOM7i8BDfQTfhoQJtYrIeQ2nqaaJ7l-wA34uWNGY33wv9REsZ2wtsUphmpYpb9l1HSx9--THcR3ixJ0ialRnBodJmqQAmym3Wq7MFwL5OymBIONBW1vYSTTd1HJkOiYpMZ6NngHpSqEcV5AD2H4xeDPRSmUMdti5H5lD7gi3wML9W3fsC8DCVl9ZUgyVsQzLTWJ9nboJb2VHjndLfvjKsx401PBJp3m9242rYKTHzTjPncmk2BrydqZ_SM7P0fBOBOKzQY8bp2IdIv2inK48uhlUjr525VQekIPyMMPcNleRZriN8IQ2PIQWe37pOQRZuCyAGBx30I1EgLaClYEqXlwfmtODMiQRdGpj9kPVnyEDTNvvpBtArONP7KkuShFbpCEpTA_DffoZVKyqxKrZZi1xrGZPUhTK_VDTkSrQskdUooMcsU3mGJG3F0SlFBaA8UeFBmFCObdzsOMKo_EO9OcdrV9yGVADt1CgCLcnXyKkzMj905VemyXWbgT7E5CbIBEaA8xFz4fLV2hto6jFYep_EqS2WRrw0OtfGKLSJsP5JbKmsJqvo4U8hB7H-itd0hrumYfjctBzZKN6wjv993JBLZCphPudthKaWeNxtLL1D0boe9nIX8gPeY0Hkhg8M8WWNh-BYS0gG2mhOhAZeGZQj-WB7x225CYVqARMB5njir12hOATIwQsPanAqM1MFJrFwWLon61mcn3ICUjShlD-5sXdwUFRNZdA6DXw7FrEtYOEy8vZTHwlbW-5KZfdGNhE0Gh5raZgbshUczZQddZuCYmkm7LuQhjIdWRWqGLGSXku8bcwUGXIQd1puGDN3QGETODkPH5l1tzknsFBR6EoMXYuElFZ_f2b2zgjTK8ZIxfrK2CObFTjrBXFGU2SUWccuX1QiRqMjxy4NrAYOpIQAn4GL9rU1IxFKhjRAbxYR14tBrDn8r3BlzpRL1hB5KdQrqFd2iIpX4YDK_cB-xvctn1v-SGVgDVahWjQNunhJXt0AZ7NtpP3yqdOu1Toc-XqXcowLgzCK6kYG8a0cF9oKRK2-ZCZFK_iY0ekdyxxE8lDQU5Y1_SQCNABEwYjvE42l1MS_0_nLyhCyt0FEUha0wBjMbIR7L33ogMumUbk0CHZqfi9dPwWleOFgEo_A6ICFpacdopGQl8yZn-c8cb3NIVYet5B-2NPRvpU3h4l8_fyLctY4a-My9si26cJS8veQHxk7j3fNdpO9j4pZ3bxfpJ8senqtd4xg_3ZQGsU4ov8bEeFFuOVeLi05g5uglYwxfX7xNZ9r_d-sCzhJWtd6JL6kYvyaIBHypXGaSpCBXM6nz6b975n8TgRqy3JDYxa1CYJhxBv9OkccLutdnqa21HWdPL6UlHJ5x6JgIIdT717leeVA08Bn7dVALp4dTJNuGeuppl08F7ROWoLaRMqWCBEWP8JmKczUufasB9XKJSQ0as_hnZQ_BBYCJLsaPtx0iKkmACEahL289EXazYKitwgyapfbpZ6Gv3WhV1GtUSXeX89-qRnQQKz4XWlu5UoXaOIcp4dLfFB-SEkAs-CwmN0pRItWfodIZM28kN4i-dSrCkNoV_KpsBTvjBMPQuijZ_DDkDO-cXMsB0-JLqxjb6pa_st2rKd6lW4KCDQYwY3dWTiZniPZG3rTiCy4GMyuvx98IlFxYdTQ3jFVG9h4ORGgSpBWlH9fbHoTLMdmeJ8JkEqHKdS-CpR9wYEJq460d64Jf1CQ91FzuwFtvN4WSqAXtjjUlCmTKfrcs738096aahhx5EIfJ5OlgZbqEz30vx6VJ9Lt9IBZN-6Jmtd45o5MAoqweKydaKKQE4MmCZSxmH0wpAZa9GfJLmaGPFqK00cPbI0rPvSZqqQjsYEnv4jntNcGfcnQvzmOp1vGyb6CCTmtvoibWBD8siNSt0X-ojhzTW_r40TglFA7kU8tou9OaMjkt6l94cfN5Zxel6jYczTP7mNd5u69Me801lO0RMsJMUIZANRn9AMTJGyLaDqVeWRSGI38eY5bydMEdexVc8enWQUntirmlfCWbCJUNhGcbudcpxz-uy5cwhz6K2_V3Hq9bEuylr4Qq6eltkz9699YurfcImu_P5Qd4xHhboRaKjmWBjrgVzIOO6FGC_4kxpoyPrhG1MoP2xqU9rDwBxazX9mYgi7DSc69JL_MpqDnQwyLv4N69KA-nZh1d3AA-sURlb2_B-Uf8BChURFvHB6IngY5xGTlfP_d2gpk2kueHfhHpJa4rkRPSTq8EUjSINkNtJB1Bp_xGTksmooESIzsX6vONkl-7CeqATBJLuko3YE-cXnMIQR2dEATSBnlusj5C1DQ9xFIfJ3l1PipcbOceksf908f_epNut63X3r5HurCQrCR-vMmXn0xpA5HhYaGvVf5cv4Jlu4UqMKUkiRT_ULHje1q5he9IuLgfeNRb4WSEAcrf-ZE0yLNmGkyShufIeCqFbLeM2uNzqW0ABMsODPMAhc_nTldH8drCUQ1ZepEf213mXN4wLcOlXkBBCFafKEdtT-v0y9zr_qgzvGtvx9GikIABIl5Gj_-BVnBDVBso6fXqGtcPPM2sPx395hwaWLGE8z1W_bIRIDyGAB&cry=1&ias_dspID=3&ias_campId=1008365748&ias_pubId=pub-7383171830614216&ias_chanId=1&ias_placementId=17749152915&bidurl=https://cloudo3.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gaj3TMv75giQIPqhYXvF5S&adsafe_url=https%3A%2F%2Fcloudo3.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fd2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fd2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c402dd72-af98-7f3f-5b08-c6cca16a015d,c:lINjSf,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b88cc7b76-v5ql2,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:teWpWE0+11%7C12%7C131%7C132%7C141%7C151%7C152%7C161%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g1%7C1g2%7C1g3%7C1h*.1109672-64802888%7C1h1%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n,idMap:1h*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:24,oid:b254dbee-1f94-11ed-8ad3-a67c96319d07,v:19.8.343,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:49:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:49:34 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CF93 0
26 B 40ms
39ms Ping
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst69CUAqaEME3N7MdrPbvlwhw7xiLmAw4MJx-t-zCN-fFAJO8YuWpnOfmB0GCpc5SISmPUnDpag2ghbamKAjIpADrto0ol-k1gwo6D-WRYygougrsULz4OXi94U8UinMySOhfppJrjetXAA0Lcqn36G92Y&sai=AMfl-YSa6O3P15lcDXMZ8IhASfCzR51okYXnSgmzl9bawkZTiwivIOspAe-l8fVjEBwbwO7tmgXGPfvrsWTVTDJkprjXckKhC8IdkmvulcSg-rqWvxKZckHrwqkJ7iuO&sig=Cg0ArKJSzKdxgF9vIa-YEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220817.35566&adurl=

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1109672/64802888/xbbe/creative/adj?p=APEucNVY6F61u6bWGatYAx4Sr-wLBOcCayL3KKFEg4Rxqy3m0ZiU3zc&d=CokBAKAmf-DVVM8WTxn9gXbvVWK0dUg_xuYiERPQScy0VpvIEH2VNYPrQwDSkLeb4F-F40a26aPSJ53jsGDFZfKhrGyqeto8s7qO_KUxR4FF_fq511jNzFYNUIOZG0NCrSKZM5JiRhFyfNDESk9s15j4_x1DBIzEIzuoWFCXWXxP12dkn0EQPebwJvESiRQAoCZ_4CDPi2SHqXT6QOSNbk8vkI0IJTZVH4ys_Zpa0ilS5oG-sXilws_BXc26BKDjZ13bvLsxoxOUWuHbNtwwlNluw6Xr83N-qt-Qep92qr5rrK_6YlBWD8cIgo8CrTxLER3wOyWST1F67_PXdQZsJPnzNw39Zu2agAIvuEV0GaZsdrgg4wlWPEBg7EmU71O1OS_OVDep64taFehXq09duaLIPULzmkf1hBc-agqqT6JqKX0jJbMQrXI9YNHNUdiV7i4Mq8xhc8gpD8KsQIsWzWihOQhcE9nOGpD6sHV1JEOaCqzmdxqaA_azq48wpwYekvgABt_mB0EsPzUAxnhLWocfInYUe1sMueLHxN3gMErwZ8uTar5AMjAq4y83eJ5sNLo2mUNhgb2PCmzQhfcYgxSInp4ihefc3dZmP-dbSR0XBynvOiw6BuIfcS2ZQ0aVNBih_Fi2rt7aCaeMbugVkCBK4kPjy0sPRHndArHKduIPZKZhp-1frI6DK9a4lVBc8W6F2q7Ext-yzDbDXUyqT7l75wPsbJWIGWSFIt2_uORMSx015HR3cKyKihHLRDNtPqEJ5bwVC3BCschAjeXyrzIAjBQFo8P9ro7_yxAhCVqoQCOUfA_KJrAxSFKR9tD3t1g6LlhBBqnfHLNhyh5neCzmB81er0dhqNt3ZIjet66mw8R12yLBWGaC9TMSbo703_ECOx4skbHED1Ug103470LLnYg9Ch7LiNPsy3xXh7nm_NWgn3BSTd6jqbXMHcIQQEqYxL18JvqkLYe_SwpzyENQ5osjJwuLLxo06SdoOOIqGhu0rhlIFOtUQe1RqeUGTqta7P1z9YKyydHVeSdkgl23jufx1QGCt0wN24mQCOM7i8BDfQTfhoQJtYrIeQ2nqaaJ7l-wA34uWNGY33wv9REsZ2wtsUphmpYpb9l1HSx9--THcR3ixJ0ialRnBodJmqQAmym3Wq7MFwL5OymBIONBW1vYSTTd1HJkOiYpMZ6NngHpSqEcV5AD2H4xeDPRSmUMdti5H5lD7gi3wML9W3fsC8DCVl9ZUgyVsQzLTWJ9nboJb2VHjndLfvjKsx401PBJp3m9242rYKTHzTjPncmk2BrydqZ_SM7P0fBOBOKzQY8bp2IdIv2inK48uhlUjr525VQekIPyMMPcNleRZriN8IQ2PIQWe37pOQRZuCyAGBx30I1EgLaClYEqXlwfmtODMiQRdGpj9kPVnyEDTNvvpBtArONP7KkuShFbpCEpTA_DffoZVKyqxKrZZi1xrGZPUhTK_VDTkSrQskdUooMcsU3mGJG3F0SlFBaA8UeFBmFCObdzsOMKo_EO9OcdrV9yGVADt1CgCLcnXyKkzMj905VemyXWbgT7E5CbIBEaA8xFz4fLV2hto6jFYep_EqS2WRrw0OtfGKLSJsP5JbKmsJqvo4U8hB7H-itd0hrumYfjctBzZKN6wjv993JBLZCphPudthKaWeNxtLL1D0boe9nIX8gPeY0Hkhg8M8WWNh-BYS0gG2mhOhAZeGZQj-WB7x225CYVqARMB5njir12hOATIwQsPanAqM1MFJrFwWLon61mcn3ICUjShlD-5sXdwUFRNZdA6DXw7FrEtYOEy8vZTHwlbW-5KZfdGNhE0Gh5raZgbshUczZQddZuCYmkm7LuQhjIdWRWqGLGSXku8bcwUGXIQd1puGDN3QGETODkPH5l1tzknsFBR6EoMXYuElFZ_f2b2zgjTK8ZIxfrK2CObFTjrBXFGU2SUWccuX1QiRqMjxy4NrAYOpIQAn4GL9rU1IxFKhjRAbxYR14tBrDn8r3BlzpRL1hB5KdQrqFd2iIpX4YDK_cB-xvctn1v-SGVgDVahWjQNunhJXt0AZ7NtpP3yqdOu1Toc-XqXcowLgzCK6kYG8a0cF9oKRK2-ZCZFK_iY0ekdyxxE8lDQU5Y1_SQCNABEwYjvE42l1MS_0_nLyhCyt0FEUha0wBjMbIR7L33ogMumUbk0CHZqfi9dPwWleOFgEo_A6ICFpacdopGQl8yZn-c8cb3NIVYet5B-2NPRvpU3h4l8_fyLctY4a-My9si26cJS8veQHxk7j3fNdpO9j4pZ3bxfpJ8senqtd4xg_3ZQGsU4ov8bEeFFuOVeLi05g5uglYwxfX7xNZ9r_d-sCzhJWtd6JL6kYvyaIBHypXGaSpCBXM6nz6b975n8TgRqy3JDYxa1CYJhxBv9OkccLutdnqa21HWdPL6UlHJ5x6JgIIdT717leeVA08Bn7dVALp4dTJNuGeuppl08F7ROWoLaRMqWCBEWP8JmKczUufasB9XKJSQ0as_hnZQ_BBYCJLsaPtx0iKkmACEahL289EXazYKitwgyapfbpZ6Gv3WhV1GtUSXeX89-qRnQQKz4XWlu5UoXaOIcp4dLfFB-SEkAs-CwmN0pRItWfodIZM28kN4i-dSrCkNoV_KpsBTvjBMPQuijZ_DDkDO-cXMsB0-JLqxjb6pa_st2rKd6lW4KCDQYwY3dWTiZniPZG3rTiCy4GMyuvx98IlFxYdTQ3jFVG9h4ORGgSpBWlH9fbHoTLMdmeJ8JkEqHKdS-CpR9wYEJq460d64Jf1CQ91FzuwFtvN4WSqAXtjjUlCmTKfrcs738096aahhx5EIfJ5OlgZbqEz30vx6VJ9Lt9IBZN-6Jmtd45o5MAoqweKydaKKQE4MmCZSxmH0wpAZa9GfJLmaGPFqK00cPbI0rPvSZqqQjsYEnv4jntNcGfcnQvzmOp1vGyb6CCTmtvoibWBD8siNSt0X-ojhzTW_r40TglFA7kU8tou9OaMjkt6l94cfN5Zxel6jYczTP7mNd5u69Me801lO0RMsJMUIZANRn9AMTJGyLaDqVeWRSGI38eY5bydMEdexVc8enWQUntirmlfCWbCJUNhGcbudcpxz-uy5cwhz6K2_V3Hq9bEuylr4Qq6eltkz9699YurfcImu_P5Qd4xHhboRaKjmWBjrgVzIOO6FGC_4kxpoyPrhG1MoP2xqU9rDwBxazX9mYgi7DSc69JL_MpqDnQwyLv4N69KA-nZh1d3AA-sURlb2_B-Uf8BChURFvHB6IngY5xGTlfP_d2gpk2kueHfhHpJa4rkRPSTq8EUjSINkNtJB1Bp_xGTksmooESIzsX6vONkl-7CeqATBJLuko3YE-cXnMIQR2dEATSBnlusj5C1DQ9xFIfJ3l1PipcbOceksf908f_epNut63X3r5HurCQrCR-vMmXn0xpA5HhYaGvVf5cv4Jlu4UqMKUkiRT_ULHje1q5he9IuLgfeNRb4WSEAcrf-ZE0yLNmGkyShufIeCqFbLeM2uNzqW0ABMsODPMAhc_nTldH8drCUQ1ZepEf213mXN4wLcOlXkBBCFafKEdtT-v0y9zr_qgzvGtvx9GikIABIl5Gj_-BVnBDVBso6fXqGtcPPM2sPx395hwaWLGE8z1W_bIRIDyGAB&cry=1&ias_dspID=3&ias_campId=1008365748&ias_pubId=pub-7383171830614216&ias_chanId=1&ias_placementId=17749152915&bidurl=https://cloudo3.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gaj3TMv75giQIPqhYXvF5S&adsafe_url=https%3A%2F%2Fcloudo3.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fd2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fd2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c402dd72-af98-7f3f-5b08-c6cca16a015d,c:lINjSf,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b88cc7b76-v5ql2,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:teWpWE0+11%7C12%7C131%7C132%7C141%7C151%7C152%7C161%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g1%7C1g2%7C1g3%7C1h*.1109672-64802888%7C1h1%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n,idMap:1h*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:24,oid:b254dbee-1f94-11ed-8ad3-a67c96319d07,v:19.8.343,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Aug 2022 07:58:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4541 1 KB
751 B 3ms
2ms Document
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 83285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 08:50:18 GMT
etag: 48472445140208031
expires: Fri, 19 Aug 2022 08:50:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B413 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ef781c176484afecc52f2d491a5097d11980e889e544e609746971d4ba80f3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16079474660871740598/ Frame ACAA 31 KB
5 KB 39ms
3ms Document
text/html 2404:6800:4004:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16079474660871740598/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16f171dae7907142b489adb3bdd7794761572a8bcf2444c80db4d6f41163f16d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 539902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5026
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Aug 2022 02:00:01 GMT
expires: Sun, 13 Aug 2023 02:00:01 GMT
last-modified: Mon, 25 Apr 2022 15:21:13 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B413 0
26 B 41ms
41ms Ping
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstNqyGFMKZY6xIsefo4XozEU6loW9HK8HeNnpNokx_vhS8AHS6bJDlUCFZb5eAFAT5lcBkbUzsLgnZI5jRMAW0q-FHHaoHImoCm6eQ3IFo4ADI4R_Sgdd7XX8dpxOVH6hKW0IjAUEzK1UZVlW7v85-0awyGNg&sai=AMfl-YR_1shwwv3MYd1EZbiebouFz_srdw8WEXpqOQez8AHR5QAKkuGrgxR8M_DpNfdC9bq3EJqPBswL7e9r_-B3uVoj-zoHBWIgei-blRPE7NsgfsKi5B4a6yezYyez&sig=Cg0ArKJSzAgtKw7xfyWCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=151&cbvp=1&cstd=149&cisv=r20220817.61735&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: cloudo3.com
URL: https://cloudo3.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-52-68-178-134.ap-northeast-1.compute.amazonaws.com

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Aug 2022 07:58:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

firstevent
hpe.demdex.net/ Frame B413
Redirect Chain

https://hpe.demdex.net/event?d_event=imp&d_src=615807&d_creative=170287640&d_placement=322123366&d_campaign=26716802
https://hpe.demdex.net/firstevent?d_event=imp&d_src=615807&d_creative=170287640&d_placement=322123366&d_campaign=26716802

42 B
942 B

10ms
10ms

Image
image/gif

52.68.178.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hpe.demdex.net/firstevent?d_event=imp&d_src=615807&d_creative=170287640&d_placement=322123366&d_campaign=26716802

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

52.68.178.134 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS: dcs-prod-tyo3-1-v036-027f19bef.edge-tyo3.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: AxGMDj5dRSw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-tyo3-2-v036-0ba62ef4a.edge-tyo3.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 4t6WwT4pS2c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://hpe.demdex.net/firstevent?d_event=imp&d_src=615807&d_creative=170287640&d_placement=322123366&d_campaign=26716802
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 ca
choices.truste.com/ Frame B413 27 KB
27 KB 170ms
170ms Image
text/javascript 13.249.167.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.167.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-167-66.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: NRT12-C3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 60c50cffacae235c43f510af74c11cda.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: S8y-PJmd1vxSZFUqiGzrt1sNsrxfNkJbKhm8ZodWHZk7PU5Zrugccg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E091 0
23 B 39ms
39ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWl9KnkL_YpDDI9iI2wTa-57QDQAAAAA4AeAEAg&bg=!VlWlVRHNAAYUOm8VNDo7ACkAdvg8WpsuniKfASHgSMXvzadk2V-hnJKqW0zHx9yVBiibAC7VNuKZqQIAAADlUgAAAAFoAQeZAw_iULlAK0TR_rw5m6wkHrYcoa2uorsd1JIWIjkNutRslYt5DcRkjG5PU6crx5r2fwxr-HtBmKW12LW1mu3QVmtyZnMsLytHgntA4FkGfcYN-wN99MuWzYkHcNtfCijqdCzeS8pK7doLepRM2OM-N7nSeGytuEWm66eI3hoa7qstDDtHUjYKL158BMR9uoBz_3mrQaMw5NiiRbujLCGUHU849-Book4nrW8G0mDRUGHKRko1xgJPZ-J6LwWYSUbof20qI6sonuMD-t19CZFg9WpdL42j5qgnVhef_fCWQuTLnC14iJPRGvmQBvVP7ATzHm1s0P0hliP9P9oX_lPCaOkYvESKYz15MZznpv1rpAwf_cD7joTwXtZ3YM0kwVhPvN0czI_5gkKdabUpZTwjUrZoUxzV1Kt6FhPFwtoStHbjdaQjHw9I_AdWsozouJ65suFUKR3rSVbkkosik5JWkOKZElyCUv-c6bdDlAbGMjLLynEfQdsfLqX88wwbGovFCESAfzDkRL4QfkMw7RGj88TYSj62kK1OqDm8yrWQ5sYeLbd9reNQDHpx_ajlZhfANg4rRoKpj2IxQbCiKdjAIqFfa1mPZaVAHo1-K4QAx_mc84nNDxrL3-ICI7JbQXLOPhtVJ-dAW5lB7HSxO5SMXscQVtK9BirgCxl4bUxvBqeJIteeh51RXKibyVKGbXvXhZuIM10A7-UfaEz5DPQcnNA7y4BbsPpnEfJCakc9VplVMBb6tB4WnhtnrfSDwYiYQXizcvBFQ9i9U9z_luAm05jvRFW6SaZOEN9p1VxFjetNJ38zwi1VtW4LbtQXIcWCP5oxzkW0MNXgrIbMeqf_0Wc289Jvj22MOSxUn7j0C34UZd0-d4eia-Cc23tgvY3naJkcpGg00GEfqmUoT_R1uioHIgnhb4bgp-9ALPxWATGKalI4JMkz0QFagmaSUX0PEs4aNBgpnMMyMXkO0GIuuUUL_zcSuZYobkRBMHwJHJV-LViqR4Wtn1TDy3WOuLuj5qui1zlCEVHsL6qtxm6zYxk

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-sgc.doubleverify.com/ Frame 3D6F 0
210 B 249ms
84ms Ping
text/plain 69.174.120.105
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-sgc.doubleverify.com/bsevent.gif?flvr=0&impid=53bbd493c2114243bb0f320992dfb50a&vfdur=296&cbust=1660895903152801
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.174.120.105 Avondale, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 19 Aug 2022 07:58:23 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 08/18/2022 07:58:23

GET
H3 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 3D6F 51 KB
21 KB 174ms
81ms Script
text/javascript 142.251.8.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXcvc4yais-JUKm3Z_JJOsWpTTIp091Cx6-L1pI5s5k9YCa44o&d=CnkAoCZ_4A0ovXctk-rVZPtMekzd4dVsifAqbevQNJS2c2IDOHFbL2x9IpTYsh4lYtHqDxgeT2G7opqrrUqL0sNOoRjJpnInJAuZuAqnB2-0oCJHlMHk_v-eIQXm6rpLzr0QpwxJ8ydFq7dJ4hDhXEdBn5U1nFCSnLmzEokTAKAmf-AxicboyD7AdJAonJQBrPw02w3uZe7iAiGypTPvLGCfsdxpYAyD4--32SaPF3chkwk8OBUXnYPiuCcxFVTJOCn8eEOSF21Je2-uDJAUjc8L0S3mX64naq16JCSzWRne9n26ckziW42jjDEJRFsNJgzFxtHP0nPDUGrkhIJwL2clVPTFwB3Zkpayo6ml1-qn97PyMMihVJtEvYTr7btA9SWXB1wOUID5wQ82CiNiKyBZs7QGS0zGP9ZnuhXn68wd-PM2m2t1NUnBpOW-hMw44yBrSEchiGBk7gyAlqozlW-rBt3KX9nXUC1jSMOpvIisy-B7ElRfzvYfnnqI-p0it76_18dS9N6w7fLlSH_RYP4zEosciHke--aZwa2rXh3s50HfdWwyOmRqiewRSBf7PvRctRAXlLvqTAcYbOGDs8u9Fjrl4eTCn6mf6eXjf5uLQtNm2FIVGof3Nkh_f60PGmQhmocy2tI11FutWJoBlPA7NyzGhcLb22hG-qKIYiO4H5o1n3J3PUjggoJ2er_zhCLFaaE_MTYLD2BF2aRI8adDMecqZP3Sa0mdAL4VX1sgStfE59qkVjWBbXuE5Z-1eoK80bteuIM9ptMHh--laPoY4_a2FN13a4bghYTu6qSP1RI_5rACEMuKCtCgtPD7kiaKUyDkujrpDMi-mEG0c4zqUsCRoh1hlQWmT8qKM6Oe76sef5bS6hOBgctzNyF9tYxmA6rwRGJxkYhkz1MsTwxxlyU2erM_-XiZmX4QuB2TZlKOIHhD0s7p6E_XxoO1ICuv34XJfs4_axlsNmd4GgpWNtDOpV61ZEtdpvxDIVE6GNoUaVLJBc-zaGMDYwVyr5siaYgVTiih-ASr1U8EzVZB1cyG1SOZAghxoD-TXckLn3Olld9cgjhbrAZlTCUHLiTYUKQV3-OUUqHZ60XFFAnh-nDXUTlir1hr8WEcuBfWY_ICSXpCn9JAk5W_slwKkeXSILFg-bCOQOLC3PLmdX8llMTvV7vlMl_1agLH_T6XtUdcKdH3V2tIp9qlRgNZQUcZVfc5dnT4EobuJLxQ9RzYvuwdcJLzCAQWVSSJ4YbZ02fhwBiRyICuYeRF5yoWI9fMzCggVIa782xcuUaGamMRG709-KULgobuM6TBq46NyxHq5sjk5ygCThPhdK86Zej3OFi2z8Qks1UpXdCsqKXJYTmm_kqNy-MCA-ktniOzPDPx-r1Dg8D2qd1im1BACwmImc65xc7tzsjGMRmvXyjDD6rNZj1jP6MUKpsdhTW7wskhjzVW89MN-NFrKUjHdrKnj_PDlVTBMjCq3-L3jcEw_YPave6fq-pw-gOqwPYDbSC1JpA2Bv3DIFV_fmWNCXW9fks7pBX4CAZQ9WY58ZlKyT72DroMaFqCy4q2JzbGBPWd-mTTYESkM8euiRDkgGXZpOLbuxhcVhOu-7stGPTZ3q4VksmQNqNVY-EHgCroUf0iKl6A2BWGWpEFdxzcHjdtCOdQlacm1hrvnC7MDabn8pGnmzs_ZLV4-I_c_whLUEjBdKRK3dVY9K1k29fKiz7qFj8yp9NGet_DzFe3wLvrN6yAaRI9YmwpiqFdf0UaA5pFbD1qQSLt40yq13qUrN2VLpR55mLOLkwYKR6y-LL2ciI6yeDxgiRV-2JJ26WkKUAEssmStk7SIZTjt2yYKb-dTzD7PVKaQ2ucsJy0ISGLYheRrBtWOueNGN81nDnbnS2KqBv4i5qh_AwGOvqGCjO59g6X9weJysnmjfjjk719KkcKHhteoLP0S-MJliDI4aXihO_bt6SpXBuxI8bwextAC0UTM5eBq1D4_Hp8H4dZy74xqh_ek0A1FH93HYjbUdogBBJ1jlazVoKknpKS0-Iv0H4ljPysdE9bMz-WdY7mbgw-JpxJDzpe8ibpYm29AQqnjjZk0p11YtbV4Olh0TfbPHjGkn-eTz_ut_NziB4mVD2m9bXraP5V88yezz1EjdASCtMrL1x_oIy2rj3NHoYQdOBRs7QBZJDdFKoK-MaDF3V7VpLBczQYCPafeFzRn_Os2OBim4CvS7f--bGyudMNboJ1hZMmevEApCkKYyjZk5cX2kto7e_qtBLBOT3E-gjY4lV4G2ny9y7j8O6vfSAWafyQyKLbRUlCYknIWmsr8zaMcFjyfxOcJQB3NM6KnJOo7u3gpukY_6yM10QudPu3pNujCcrAKJClHdZ4bkfjJyHv6tDqMshf6igyzs2hUi8vzWgraFuoGJtqTSkRE7aluOPwg9atNwcH0WOOREzHw2Fuwiyup0SDgDkxGfhCV9ycD5gkWW1hJTS5xA-D7sJNv6Umn558OIjWZZmR1-w-ce_pqKOfk2sXrMwb7U2HBImbNbmr52XZQWqho1DCna8zatmRrnyamR8Y7QF5tkR0T3RS-RNflPQvBL8TPdjZdlJWTbR8Lyeyni9EyWG772MPlWYMhOruslYLCoCWmxrQ4V8WOgwvvtuV1aZ4yjzaioC8l79aB3Q2UTcDjgcPXGBFqrAZ08Oq2uoZu6-9DNl-sA6zgDi3tHipz_m1Uj2G8UZXLchK6IdSDTHPqG34VhnvLgfrvQyBuVKIO4OlIN5TgXbBpUCTgN-Dz0GmnuGfsuYDZrbOMPg9aYdpO0RmxpYAHJmGSNCQkufWfhMJOiUdwu6uv_Y8amIlocboeCWMeCaqOZdlM8YSdGgX6U9sDBrM3PjeeO_IXxeGfiNER3Wy9PW5a1QYb6maEevvMFIwq9-WkEKA2nlkLFTZiz_B4SgVkYwI3fZOQEnfMQOYne2KPaeRAV8U0g-SQXZn6QPfaWT9vRDJk_HC2u_AKI9tt6IcvLBFxYw6HRTHulxlt3B2sTa9EdeQdMKle9Qw-p2YOK7pB5gxM7l3QSfLHtgFXptkMtNziAVItmJZRmj7oMAa3tNG4jHTPC4zfGaNueEDy4z4871qxDlMPUSPKMj0jnV7TFvJQYT2QdyveazUkEGHFqeGN5ndIZtQU_Amy-i2NoM_IE32JzAt1v2f3ZAZ2pG-mNtVyFZVYRIBKdArECfj8bTrADtiHvd4emsh_QTwNSNgc0u-70SMUc1rEk8ZrEFpYbn3bzga-DGIVQWD7vI3Bnk2xzglGdlB9xSOcbqiIKy1QSMzqnSR8Gui1sGObZ8dzv4yxds0LTyAwQKXA13I3jrMwL_rhB4rBGhcwva9JNdi0v4fjXOMV5U7zy__9HaxBhX0dEr2npt1agB2cEsn-Wip7YkaKQgAEiXkaBQD0xLPb7NUXH-incpvPlFv98q9xvKfhIk1ZBrrEjIw2D89YAE

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.8.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96f614d19628e49258a188131fd7c2fd022f11d3a60e556591232e5a3e6fa45e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21184
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 8cfaba76796d399b9506c3f6085d3edc.js Show response
s0.2mdn.net/sadbundle/16079474660871740598/ Frame ACAA 77 KB
20 KB 3ms
3ms Script
application/x-javascript 2404:6800:4004:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16079474660871740598/8cfaba76796d399b9506c3f6085d3edc.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16079474660871740598/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75e5ea6fdc75316b66f43479cbcd3201d0e1709187b377ff8391ddd665394938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16079474660871740598/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 02:00:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 539902
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20174
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 15:21:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 13 Aug 2023 02:00:01 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4541
Redirect Chain

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBnEbIZIBkNiXrIcbVFn3Ok&google_cver=1&google_push=AehlK4CCsKwJQHrihl_9BnUmEQrdOIrcnv9LKqI03-6CobDh6swKulfdiwIz__tWik6KqpawzQ4-ZkEpQY...
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBnEbIZIBkNiXrIcbVFn3Ok&google_cver=1&google_push=AehlK4CCsKwJQHrihl_9BnUmEQrdOIrcnv9LKqI03-6CobDh6swKulfdiwIz__tWik6KqpawzQ4-ZkEpQY...
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4CCsKwJQHrihl_9BnUmEQrdOIrcnv9LKqI03-6CobDh6swKulfdiwIz__tWik6KqpawzQ4-ZkEpQYoiXGWPvIK1CeewHPI&google_hm=MDUwMzAwMDFfNjJmZjQy...

170 B
188 B

93ms
93ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4CCsKwJQHrihl_9BnUmEQrdOIrcnv9LKqI03-6CobDh6swKulfdiwIz__tWik6KqpawzQ4-ZkEpQYoiXGWPvIK1CeewHPI&google_hm=MDUwMzAwMDFfNjJmZjQyOWZjOTFlYQ%3D%3D

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 19 Aug 2022 07:58:24 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4CCsKwJQHrihl_9BnUmEQrdOIrcnv9LKqI03-6CobDh6swKulfdiwIz__tWik6KqpawzQ4-ZkEpQYoiXGWPvIK1CeewHPI&google_hm=MDUwMzAwMDFfNjJmZjQyOWZjOTFlYQ%3D%3D
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H3 200 usermatchredir
ssum-sec.casalemedia.com/ Frame 4541 43 B
913 B 27ms
22ms Image
image/gif 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENQ5jFUmQa7zTExp0wv5030&google_cver=1&google_push=AehlK4CHzVpZsTP-IbNQP7XsDhXl8-DFuNJAFvtN0uJgjZx1Bty9efK6Z83ukJGDPdVH4xfe7ahUduh1bNgIGFXbIvS3o9DOEg
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73d15802db6eaf93-NRT
pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHVLSzErV053XofY96%2FMpDPMK5kd%2FsORl9pC7bizoRsTFC0H0vEzr5tB%2FImgJ7slTN3CoLMjz4a1qGPc33L%2BuhnQo5Y8oVSUp1g2kOw6kysQ8BCez%2BadAmMiEPMFjWzWXfI0tHN2AJcTVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4541
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMjFL_XE_zm_D2tC7XroDeo&google_cver=1&google_push=AehlK4ArLUTrR0ecETbvuLGbhBZXuw5gOtcx96SvQfPB79H0_-pZyEy3Eqf7VbHdLe_ntBLgYeG20DXcT-jW...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4ArLUTrR0ecETbvuLGbhBZXuw5gOtcx96SvQfPB79H0_-pZyEy3Eqf7VbHdLe_ntBLgYeG20DXcT-jWi8LwibxY7dB-QIc

170 B
188 B

38ms
38ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4ArLUTrR0ecETbvuLGbhBZXuw5gOtcx96SvQfPB79H0_-pZyEy3Eqf7VbHdLe_ntBLgYeG20DXcT-jWi8LwibxY7dB-QIc

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4ArLUTrR0ecETbvuLGbhBZXuw5gOtcx96SvQfPB79H0_-pZyEy3Eqf7VbHdLe_ntBLgYeG20DXcT-jWi8LwibxY7dB-QIc
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4541
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEHwufyhoFofmmyxMVeJLMlY&google_cver=1&google_push=AehlK4A69upU17kAoJWGwIWixSkSaK_NPcxRberiRLtusU0_PEyBolHJbJij7UgH1bC8xJxryODcZuycpntiae1kupolE5bDPw
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4A69upU17kAoJWGwIWixSkSaK_NPcxRberiRLtusU0_PEyBolHJbJij7UgH1bC8xJxryODcZuycpntiae1kupolE5bDPw&google_hm=Zzc2NjI3MjgyMjM1N2Y5MW...

170 B
188 B

38ms
38ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4A69upU17kAoJWGwIWixSkSaK_NPcxRberiRLtusU0_PEyBolHJbJij7UgH1bC8xJxryODcZuycpntiae1kupolE5bDPw&google_hm=Zzc2NjI3MjgyMjM1N2Y5MWJjOTk=

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4A69upU17kAoJWGwIWixSkSaK_NPcxRberiRLtusU0_PEyBolHJbJij7UgH1bC8xJxryODcZuycpntiae1kupolE5bDPw&google_hm=Zzc2NjI3MjgyMjM1N2Y5MWJjOTk=
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4541
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECkqJ7sTepxmgEgTYesI0Hs&google_cver=1&google_push=AehlK4AAi-D9UoV0jaz6k5wctD679NEoH-VhI27epz7L4zQG6Ckq3cKjNW1O54Oa2vwmocuIbb8u8A...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4AAi-D9UoV0jaz6k5wctD679NEoH-VhI27epz7L4zQG6Ckq3cKjNW1O54Oa2vwmocuIbb8u8AFITmGTbIxzlOeOALZcysQ&google_hm=ODgzODI2NDE...

170 B
188 B

90ms
90ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4AAi-D9UoV0jaz6k5wctD679NEoH-VhI27epz7L4zQG6Ckq3cKjNW1O54Oa2vwmocuIbb8u8AFITmGTbIxzlOeOALZcysQ&google_hm=ODgzODI2NDE5ODM0MDI0NzIzMw%3D%3D

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4AAi-D9UoV0jaz6k5wctD679NEoH-VhI27epz7L4zQG6Ckq3cKjNW1O54Oa2vwmocuIbb8u8AFITmGTbIxzlOeOALZcysQ&google_hm=ODgzODI2NDE5ODM0MDI0NzIzMw%3D%3D
date: Fri, 19 Aug 2022 07:58:22 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4541
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESENVplC3zlFOyiXM6g7nS-Ew&google_cver=1&google_push=AehlK4AhyXiV60EjMrNb-W8LU7sIEL-5mZqPGpl665AE4o4camiPFNVNr5cuAQ2xx0vCb8_7NpdM4wv0olPe8pusrUs1AFR5hQ
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4AhyXiV60EjMrNb-W8LU7sIEL-5mZqPGpl665AE4o4camiPFNVNr5cuAQ2xx0vCb8_7NpdM4wv0olPe8pusrUs1AFR5hQ&google_hm=c4b2c0eac7a950bce5ada...

170 B
188 B

89ms
88ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4AhyXiV60EjMrNb-W8LU7sIEL-5mZqPGpl665AE4o4camiPFNVNr5cuAQ2xx0vCb8_7NpdM4wv0olPe8pusrUs1AFR5hQ&google_hm=c4b2c0eac7a950bce5ada634523981a3

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4AhyXiV60EjMrNb-W8LU7sIEL-5mZqPGpl665AE4o4camiPFNVNr5cuAQ2xx0vCb8_7NpdM4wv0olPe8pusrUs1AFR5hQ&google_hm=c4b2c0eac7a950bce5ada634523981a3
date: Fri, 19 Aug 2022 07:58:23 GMT
server: nginx
content-type: text/html; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H/1.1

200
OK

/
b1sync.zemanta.com/usersync/googleadx/ Frame 4541
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEA9iS3-IPdooz0fn-0zNFoQ&google_cver=1&google_push=AehlK4AuOF3ZSZpQn3WDIJQzcIolCv7ej_0nxHCpDukdppY1oS_DMWTsqlod9PAOXXfAQsxuHYS1Sii41vmKx...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEA9iS3-IPdooz0fn-0zNFoQ&google_push=AehlK4AuOF3ZSZpQn3WDIJQzcIolCv7ej_0nxHCpDukdppY1oS_DMWTsqlod9PAOXXfAQsxuHYS1Sii41vmKx...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4AuOF3ZSZpQn3WDIJQzcIolCv7ej_0nxHCpDukdppY1oS_DMWTsqlod9PAOXXfAQsxuHYS1Sii41vmKxkYMMAbqNseBHP9l&google_hm=YWhHRkN0ZlllQnExdE05...
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5

26 B
127 B

165ms
164ms

Image
image/gif

64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Protocol: HTTP/1.1
Server: 64.202.112.95 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:24 GMT
Content-Length: 26
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 258
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4541 0
12 B 38ms
36ms Image
text/html 172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ia-Ewo3Q_kcSMjj97P41kRMSbNzyU0y4QdO6jKKlqbxaOBe995wfWlqDsdyo9-7sXdZrF5dQ

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E3B4 0
23 B 43ms
43ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwQCZnkL_Yq67Jq2Aid4P59ivaAAAAAA4AeAEAg&bg=!wcKlwobNAAYUOm8VNDo7ACkAdvg8WpNG3oXLKTDXHu7eekJaTWHRhSjpA8uzjIf2kn7vBkeruXJhAwIAAAEPUgAAAAFoAQeZAyCwzMmyzQp0ZdFmbRqfsj7-NsjUQV6L7W9Ea86hJx1mbIzRuRpBj-f6fuPWB0SKsV1u7w7vo35lMEpmj2-U6G3Lws1wgFrXP-zKS6OJc7ThWQwXZY8lQ1GNN3IjXvKKctyyxJ1cH8OLbaIz4YHspc--9dVKHechaudrL-CIDid4uZc45AFF6RouFfoWczCf8aZ_HNmTmN-MV-GodwW_vjnpJhS0VVBGVitKDUVdxYP28BVLdqfEzFQtV0if64gf1SBG96vUAZ_6wm-1JvnR8ClgizyZDAgDXBwLYIiJ36VtFCgP2QWBErhBJWBJk8bBMfypSLW3RanPhRQX2Bn-COcK4zPPhWFFfK3nJCE0krCmHF60mE4o9Md3enK4UhGWF1eP_4HwpTqu-VCMGOralAWYG6EhUmzlPLv0fxLjngQ8c8EPc_pfz0ncdkN6sJx4Kd5N7iJl71bAUz0bbcWJlofOKChtzQzmYaT37_M7zJlKSvBx0NDtU4G-WDfKh-LzSSOmdam0z7cm4rtBSn4W8KQeLmeX43kujD3p-Gcl5XuRfTGXAyr_-N5zRrnznY0Mh2Aym5EkoTw3X_gxinXy0GM5PFiCm9_Z7SZoOclUDGhYn0MoaFBG_-p7uS7MquCklTum53xRC65Lk2Q4XQUuEY0HrJu3uz6h5HF6_qRvoLbFFNIWFo3RfBOemvH25stQQ-IgNTi2oySxsdOhSu6VIh9HPpuRV4nbnBJW0h-ReLZYKbp86yAY0_Ti5zQrRZR_fVqz1XLt8FHFkxjiK52mO3OOxN78AIBY75JEfbEXPtCmywjgA6vJarHFTsNfp7BubAQ0vGysp4LVFejM3lnDPk_R1oM32yVRsOzrPP6SkrSgxiTdFty-3rLBOOZ-nMYL7DnPSF8ZHKzQmG2hDGb5-x6VeVgS8AdJrREivpVPA0O1ywxldpzxp4MyUdJU9uTUDEyyMumUfxnOzZCr2LKiOVPcJAx9wirCpE8_lftF4CWp9S-ZQ2E5i3eTctOLghbovVOr9DrajeAu977nG7qPhGPcQxFO25XnCOcG4Kot4Xwfnw

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DA9 0
23 B 44ms
44ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6yJDnkL_YvmnJpiu2QSbprbYDgAAAAA4AeAEAg&bg=!eHulez_NAAYUOm8VNDo7ACkAdvg8WjHj1_U2I8B6tkpwM54ayWuKYJPhWJjnwaJdEIJFHgKrrsknfQIAAAEGUgAAAAFoAQeZAzTiwa-ySivvDBGwqSDhtPdwF3PG0StoC_lqm_lU98CwG3x8gj2S5WYNhtKa8klJgQnZbziN9y8SiaQ9tbYONtFScFcznh6IC9c5VZ5B24zs2CvzMxTLKDJ25g1jAbgC2fui5Pgt4qpfiUiBf1H4j1obWaTkalcOEyeegCyO6kDZ8341v-oqvw_vgjtO777T0gIDonrb3cLQM4-R510G17QLVXFxrc1i2THEqjG49mcNCLMggeUR9tB3Hpbog8tAQ8lDkxzaKAxAt_qvSB4gmd8ZSBJlyYXdr6x2Vl4EFW5QISGRl_Ak-digB65jwOQY20E_u3WdnDhQU6nLnIg6cAu6bbwH0rItoJn8rSUHb4UMv78wF0s5X7oEq2WIvLDhCLd8GK9r-019XrBHL2O6TSmE-cMxSOBgJ3NPf7xgngQkPsKVhToKibC1KhWzSOTCUWdMG1C7V4lYLvnOOx3-j2LtvQL9S5udo32C7UlUfW6JgJPpOmlp1BIf5Cl00of1MFWdoArc7Ag35qcVM72XZwVVUwxwGNFei5yTFQi_QpT0CceOqJ_nLuSfRdORUALCrF9ufWNclsFasrJEktDwtstxQUajdqZFfXEKRTYSeEurgfm0t54c2htkj-dq023-jvGw5PqtyIvi-9fC9pof-6R-Yjxc1_1MPLawr6kTSK_o2DTjPaor-UNAdCvBkhiPyL55aP-5NEofoK-hYqaJtZn5r9xx_sJfyrqNR9z_yVFX08Pby5A_UFqGt7y9qWxgeSBZc4TRrGXV4xoodvugh7JbFvVsOADMbzXcadLaweh4mIzTQVLHCVLNDkDQPR5JHfCkeeVDfear6aO56eEaZhf2Ow-aknyCmtxj3uEct-FbkI4WAS9zG3jVTYpDlukv67YlygHOUxCH3SqIBdtTMI8-sfDghD0hmXGMDxOLcSravNLqVWPQX7gMFWBbMVUp2T_DEvXr77SzrQ0yCW-hWSLGw08xwzJemt0E9SKrBgADmfNCc88ieoRfb75YeWwmQEsOfwjoWuoZAQViqVgWSxHIvGTNh4mNjun0r3xJw_7rFkVOoOu5ICLUIDHTAnqemEJQSXw_

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CC54 0
23 B 42ms
42ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0a_1nkL_YvzMJd6Bs8IPw5W0qAwAAAAAOAHgBAI&bg=!x8SlxIDNAAYUOm8VNDo7ACkAdvg8WlKPPRBVftxDRcK66SZ2SZrAauHsUUnM_e1-2oZ4R3dueneYDwIAAAE2UgAAAAFoAQeZAykLmw-dNs03zE4JA4A1P7ak66cs1Zh5l9h68aX4aJ1dXa0Gjb2dUTUqXZQrkZ3cW7zg6W6yVodN8VVGWzm4rjff_WTKCbIXB_K_bYWjIHIWWAz9QmSsdc_MUC2BqiK03g5gzHbdF9EN17igaZJK7zw0NiIEmBV5-9zEOb1KyDfIx7WWfxmufB10T3aat4RJcLdYEbITlw62ggtJIFHlPqCU4ttD1sieOPMeo55KDbTekRDTuA56lqEzgxjajttmlScA9a2hLoLR6UAUN8nasPD4xno8Ca2A8A_NhZloz1sxTzMM7NxR-85FYc44_wRGCrs-21dwLQFU86GhtMTxSmTehxYt7DCMc-wauJd58xL2RNddeEwSxUntlo5q-6F7t3X_qaVLC8VmWvRo6fv7yFyVOUqrj7L-A-c2otJAJkwzzCU3OaHz5aZNgfYI07ThXVXi2ujmyfPX3KPFL-BHC-FvdvSAbeRKbnM0Q42AxxFGZ2PrtDJ9OER9uxpK96_C83qnQCwH4woaTPS3mAfGuMf1IQfvKzobUct3lHCRC5piJ24Ey4IrqdqSbg5eUCSid338DEqKoKGqSBEuV7YDhr5OI8rbGwok38PWWwkn_DKIuKtM9b0aivMJdxRr9zi_xkq4pbQFAZr-T1-A301J8BB37RnXtLQ0zG19kcV3gi31dpxcm_v0a2PSsxgCgnZj1ypaZiReMO7xopPScOxXKsfFNlMeBe1tY01lOzgziMA74hoZPAB5NMnLcJNWVj6jpKVs4z5CIKfSi4N-IXiAkT_ydGxPFnGIMfzNNDvPXTu8NQKovUNdr-yaUdng9pwLYAZl5nqATGrGI3yN_lVgT3T_o6WN4mRCdBRIPD4VfqQ_V9ioUsxKKm8883P9U5Pne0186xVWjQurv1xL1tRiJhJ_JZ9jc8kW3IPRLOsntbTyHeVDEH31eA3olMEvyeBooVOsRrZJcrsiER8Tl05bJiup3ay85gxj8dAhaoOw4LagVoeTTLUR73LEl4CCNw-yB0hPBVVyY3Nqzdjgt-KCp_41zz4pgoPl617mLCZ-xumTv2mqG1KDBVUweA

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 80d320098425ba0e22c71cf0bf27bb69.jpg
s0.2mdn.net/sadbundle/16079474660871740598/media/ Frame ACAA 19 KB
19 KB 5ms
4ms Image
image/jpeg 2404:6800:4004:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16079474660871740598/media/80d320098425ba0e22c71cf0bf27bb69.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16079474660871740598/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

243b8941cf7290d061601013ef76d87958e73746dc5ce16f83e9cb22ae001e79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16079474660871740598/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 02:00:01 GMT
x-content-type-options: nosniff
age: 539902
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19833
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 15:21:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 13 Aug 2023 02:00:01 GMT

GET
H3 200 ab9189e227ff7e6c66f75566dba238b1.svg
s0.2mdn.net/sadbundle/16079474660871740598/media/ Frame ACAA 2 KB
876 B 6ms
5ms Image
image/svg+xml 2404:6800:4004:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16079474660871740598/media/ab9189e227ff7e6c66f75566dba238b1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16079474660871740598/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c31a60398cba18f3ffe3fbea5b80ed1dd1cba7cd8a0a51bfa9bd9ef622ac756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16079474660871740598/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:37:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 847
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 15:21:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:37:56 GMT

GET
H3 200 41c795a1b4473d5e3d02ac10e8e33706.svg
s0.2mdn.net/sadbundle/16079474660871740598/media/ Frame ACAA 5 KB
2 KB 6ms
5ms Image
image/svg+xml 2404:6800:4004:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16079474660871740598/media/41c795a1b4473d5e3d02ac10e8e33706.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16079474660871740598/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ea49a07213a99d799106a2bdd6ed3831193e33657674352891b2070ac654436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16079474660871740598/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:37:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2398
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 15:21:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:37:56 GMT

GET
H3 200 4e4cc93ddfd2e1b75ec0f0e9ea4f028b.svg
s0.2mdn.net/sadbundle/16079474660871740598/media/ Frame ACAA 5 KB
2 KB 6ms
6ms Image
image/svg+xml 2404:6800:4004:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16079474660871740598/media/4e4cc93ddfd2e1b75ec0f0e9ea4f028b.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16079474660871740598/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fc98a5f2ad3fade2176c7f4d057c02a332ee5d3e532746414eda6e88bc46ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16079474660871740598/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:37:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1881
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 15:21:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:37:56 GMT

GET
H3 200 bc321713b954f6499e4323d6954f1709.svg
s0.2mdn.net/sadbundle/16079474660871740598/media/ Frame ACAA 2 KB
1 KB 3ms
3ms Image
image/svg+xml 2404:6800:4004:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16079474660871740598/media/bc321713b954f6499e4323d6954f1709.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16079474660871740598/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a96c1a673487134460892ad3ea2919508c52963e53881fb512362138d5619c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16079474660871740598/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:37:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 15:21:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:37:56 GMT

GET
H3 200 84f69b4b5e0c9086c34f9c2f21743cb5.svg
s0.2mdn.net/sadbundle/16079474660871740598/media/ Frame ACAA 4 KB
2 KB 4ms
3ms Image
image/svg+xml 2404:6800:4004:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16079474660871740598/media/84f69b4b5e0c9086c34f9c2f21743cb5.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16079474660871740598/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e94b63b1b3af8af0c85e32a5deb136878df9aece1d28abc09f2680223a67fb37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16079474660871740598/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:37:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2149
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 15:21:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 09:37:56 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 62D9 0
747 B 77ms
76ms Script
text/html 103.43.90.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.53 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Aug 2022 07:58:23 GMT
X-Proxy-Origin: 217.138.252.171; 217.138.252.171; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8d234371-1821-4cce-9015-797da57a805a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B413 0
26 B 39ms
39ms Ping
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstNqyGFMKZY6xIsefo4XozEU6loW9HK8HeNnpNokx_vhS8AHS6bJDlUCFZb5eAFAT5lcBkbUzsLgnZI5jRMAW0q-FHHaoHImoCm6eQ3IFo4ADI4R_Sgdd7XX8dpxOVH6hKW0IjAUEzK1UZVlW7v85-0awyGNg&sai=AMfl-YR_1shwwv3MYd1EZbiebouFz_srdw8WEXpqOQez8AHR5QAKkuGrgxR8M_DpNfdC9bq3EJqPBswL7e9r_-B3uVoj-zoHBWIgei-blRPE7NsgfsKi5B4a6yezYyez&sig=Cg0ArKJSzAgtKw7xfyWCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=266&vt=11&dtpt=115&dett=3&cstd=149&cisv=r20220817.61735&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: cloudo3.com
URL: https://cloudo3.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Aug 2022 07:58:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 200 node.php Show response
node.setupad.com/node/ 0
209 B 818ms
272ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3002
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cloudo3.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 19 Aug 2022 07:58:23 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 3D6F 30 KB
12 KB 6ms
5ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXcvc4yais-JUKm3Z_JJOsWpTTIp091Cx6-L1pI5s5k9YCa44o&d=CnkAoCZ_4A0ovXctk-rVZPtMekzd4dVsifAqbevQNJS2c2IDOHFbL2x9IpTYsh4lYtHqDxgeT2G7opqrrUqL0sNOoRjJpnInJAuZuAqnB2-0oCJHlMHk_v-eIQXm6rpLzr0QpwxJ8ydFq7dJ4hDhXEdBn5U1nFCSnLmzEokTAKAmf-AxicboyD7AdJAonJQBrPw02w3uZe7iAiGypTPvLGCfsdxpYAyD4--32SaPF3chkwk8OBUXnYPiuCcxFVTJOCn8eEOSF21Je2-uDJAUjc8L0S3mX64naq16JCSzWRne9n26ckziW42jjDEJRFsNJgzFxtHP0nPDUGrkhIJwL2clVPTFwB3Zkpayo6ml1-qn97PyMMihVJtEvYTr7btA9SWXB1wOUID5wQ82CiNiKyBZs7QGS0zGP9ZnuhXn68wd-PM2m2t1NUnBpOW-hMw44yBrSEchiGBk7gyAlqozlW-rBt3KX9nXUC1jSMOpvIisy-B7ElRfzvYfnnqI-p0it76_18dS9N6w7fLlSH_RYP4zEosciHke--aZwa2rXh3s50HfdWwyOmRqiewRSBf7PvRctRAXlLvqTAcYbOGDs8u9Fjrl4eTCn6mf6eXjf5uLQtNm2FIVGof3Nkh_f60PGmQhmocy2tI11FutWJoBlPA7NyzGhcLb22hG-qKIYiO4H5o1n3J3PUjggoJ2er_zhCLFaaE_MTYLD2BF2aRI8adDMecqZP3Sa0mdAL4VX1sgStfE59qkVjWBbXuE5Z-1eoK80bteuIM9ptMHh--laPoY4_a2FN13a4bghYTu6qSP1RI_5rACEMuKCtCgtPD7kiaKUyDkujrpDMi-mEG0c4zqUsCRoh1hlQWmT8qKM6Oe76sef5bS6hOBgctzNyF9tYxmA6rwRGJxkYhkz1MsTwxxlyU2erM_-XiZmX4QuB2TZlKOIHhD0s7p6E_XxoO1ICuv34XJfs4_axlsNmd4GgpWNtDOpV61ZEtdpvxDIVE6GNoUaVLJBc-zaGMDYwVyr5siaYgVTiih-ASr1U8EzVZB1cyG1SOZAghxoD-TXckLn3Olld9cgjhbrAZlTCUHLiTYUKQV3-OUUqHZ60XFFAnh-nDXUTlir1hr8WEcuBfWY_ICSXpCn9JAk5W_slwKkeXSILFg-bCOQOLC3PLmdX8llMTvV7vlMl_1agLH_T6XtUdcKdH3V2tIp9qlRgNZQUcZVfc5dnT4EobuJLxQ9RzYvuwdcJLzCAQWVSSJ4YbZ02fhwBiRyICuYeRF5yoWI9fMzCggVIa782xcuUaGamMRG709-KULgobuM6TBq46NyxHq5sjk5ygCThPhdK86Zej3OFi2z8Qks1UpXdCsqKXJYTmm_kqNy-MCA-ktniOzPDPx-r1Dg8D2qd1im1BACwmImc65xc7tzsjGMRmvXyjDD6rNZj1jP6MUKpsdhTW7wskhjzVW89MN-NFrKUjHdrKnj_PDlVTBMjCq3-L3jcEw_YPave6fq-pw-gOqwPYDbSC1JpA2Bv3DIFV_fmWNCXW9fks7pBX4CAZQ9WY58ZlKyT72DroMaFqCy4q2JzbGBPWd-mTTYESkM8euiRDkgGXZpOLbuxhcVhOu-7stGPTZ3q4VksmQNqNVY-EHgCroUf0iKl6A2BWGWpEFdxzcHjdtCOdQlacm1hrvnC7MDabn8pGnmzs_ZLV4-I_c_whLUEjBdKRK3dVY9K1k29fKiz7qFj8yp9NGet_DzFe3wLvrN6yAaRI9YmwpiqFdf0UaA5pFbD1qQSLt40yq13qUrN2VLpR55mLOLkwYKR6y-LL2ciI6yeDxgiRV-2JJ26WkKUAEssmStk7SIZTjt2yYKb-dTzD7PVKaQ2ucsJy0ISGLYheRrBtWOueNGN81nDnbnS2KqBv4i5qh_AwGOvqGCjO59g6X9weJysnmjfjjk719KkcKHhteoLP0S-MJliDI4aXihO_bt6SpXBuxI8bwextAC0UTM5eBq1D4_Hp8H4dZy74xqh_ek0A1FH93HYjbUdogBBJ1jlazVoKknpKS0-Iv0H4ljPysdE9bMz-WdY7mbgw-JpxJDzpe8ibpYm29AQqnjjZk0p11YtbV4Olh0TfbPHjGkn-eTz_ut_NziB4mVD2m9bXraP5V88yezz1EjdASCtMrL1x_oIy2rj3NHoYQdOBRs7QBZJDdFKoK-MaDF3V7VpLBczQYCPafeFzRn_Os2OBim4CvS7f--bGyudMNboJ1hZMmevEApCkKYyjZk5cX2kto7e_qtBLBOT3E-gjY4lV4G2ny9y7j8O6vfSAWafyQyKLbRUlCYknIWmsr8zaMcFjyfxOcJQB3NM6KnJOo7u3gpukY_6yM10QudPu3pNujCcrAKJClHdZ4bkfjJyHv6tDqMshf6igyzs2hUi8vzWgraFuoGJtqTSkRE7aluOPwg9atNwcH0WOOREzHw2Fuwiyup0SDgDkxGfhCV9ycD5gkWW1hJTS5xA-D7sJNv6Umn558OIjWZZmR1-w-ce_pqKOfk2sXrMwb7U2HBImbNbmr52XZQWqho1DCna8zatmRrnyamR8Y7QF5tkR0T3RS-RNflPQvBL8TPdjZdlJWTbR8Lyeyni9EyWG772MPlWYMhOruslYLCoCWmxrQ4V8WOgwvvtuV1aZ4yjzaioC8l79aB3Q2UTcDjgcPXGBFqrAZ08Oq2uoZu6-9DNl-sA6zgDi3tHipz_m1Uj2G8UZXLchK6IdSDTHPqG34VhnvLgfrvQyBuVKIO4OlIN5TgXbBpUCTgN-Dz0GmnuGfsuYDZrbOMPg9aYdpO0RmxpYAHJmGSNCQkufWfhMJOiUdwu6uv_Y8amIlocboeCWMeCaqOZdlM8YSdGgX6U9sDBrM3PjeeO_IXxeGfiNER3Wy9PW5a1QYb6maEevvMFIwq9-WkEKA2nlkLFTZiz_B4SgVkYwI3fZOQEnfMQOYne2KPaeRAV8U0g-SQXZn6QPfaWT9vRDJk_HC2u_AKI9tt6IcvLBFxYw6HRTHulxlt3B2sTa9EdeQdMKle9Qw-p2YOK7pB5gxM7l3QSfLHtgFXptkMtNziAVItmJZRmj7oMAa3tNG4jHTPC4zfGaNueEDy4z4871qxDlMPUSPKMj0jnV7TFvJQYT2QdyveazUkEGHFqeGN5ndIZtQU_Amy-i2NoM_IE32JzAt1v2f3ZAZ2pG-mNtVyFZVYRIBKdArECfj8bTrADtiHvd4emsh_QTwNSNgc0u-70SMUc1rEk8ZrEFpYbn3bzga-DGIVQWD7vI3Bnk2xzglGdlB9xSOcbqiIKy1QSMzqnSR8Gui1sGObZ8dzv4yxds0LTyAwQKXA13I3jrMwL_rhB4rBGhcwva9JNdi0v4fjXOMV5U7zy__9HaxBhX0dEr2npt1agB2cEsn-Wip7YkaKQgAEiXkaBQD0xLPb7NUXH-incpvPlFv98q9xvKfhIk1ZBrrEjIw2D89YAE

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:38:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/ Frame 3D6F 8 KB
3 KB 7ms
6ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:49:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 07:49:34 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3D6F 0
26 B 45ms
40ms Ping
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvOVJC6jRUYsoOFSDTBan4NCSNofsp36QFlv98UT97ZOAa_rnAso0WjPRIfXsdMP0hEEHeU1PrOqArR8se0_DOLXdAepTkjtLZ4p41SvNwAS7_kxXNdpNiJ7_dRE6rdE94pRRo0GyPZ4CpMpAMk5h_MkuvgvQ&sai=AMfl-YTqRi8g2effDBMN91Ri6gM6229bESXdpsM9TejUewwFv8bnJOPmtbALelMNP93U05BRMSmDul0I7cmP-au4HjGLkF6gZGoGRaZKzGqh6HqyinPkImWutlWV5RzZ&sig=Cg0ArKJSzNEJthmK_d4JEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20220817.46469&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Aug 2022 07:58:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 3D6F 8 KB
4 KB 9ms
3ms Script
application/javascript 2600:140b:400:1a9::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=11025772&cmp=28270974&sid=5775970&plc=341925104&num=&adid=&advid=9689188&adsrv=1&btreg=533908242&btadsrv=doubleclick&crt=175147885&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXcvc4yais-JUKm3Z_JJOsWpTTIp091Cx6-L1pI5s5k9YCa44o&d=CnkAoCZ_4A0ovXctk-rVZPtMekzd4dVsifAqbevQNJS2c2IDOHFbL2x9IpTYsh4lYtHqDxgeT2G7opqrrUqL0sNOoRjJpnInJAuZuAqnB2-0oCJHlMHk_v-eIQXm6rpLzr0QpwxJ8ydFq7dJ4hDhXEdBn5U1nFCSnLmzEokTAKAmf-AxicboyD7AdJAonJQBrPw02w3uZe7iAiGypTPvLGCfsdxpYAyD4--32SaPF3chkwk8OBUXnYPiuCcxFVTJOCn8eEOSF21Je2-uDJAUjc8L0S3mX64naq16JCSzWRne9n26ckziW42jjDEJRFsNJgzFxtHP0nPDUGrkhIJwL2clVPTFwB3Zkpayo6ml1-qn97PyMMihVJtEvYTr7btA9SWXB1wOUID5wQ82CiNiKyBZs7QGS0zGP9ZnuhXn68wd-PM2m2t1NUnBpOW-hMw44yBrSEchiGBk7gyAlqozlW-rBt3KX9nXUC1jSMOpvIisy-B7ElRfzvYfnnqI-p0it76_18dS9N6w7fLlSH_RYP4zEosciHke--aZwa2rXh3s50HfdWwyOmRqiewRSBf7PvRctRAXlLvqTAcYbOGDs8u9Fjrl4eTCn6mf6eXjf5uLQtNm2FIVGof3Nkh_f60PGmQhmocy2tI11FutWJoBlPA7NyzGhcLb22hG-qKIYiO4H5o1n3J3PUjggoJ2er_zhCLFaaE_MTYLD2BF2aRI8adDMecqZP3Sa0mdAL4VX1sgStfE59qkVjWBbXuE5Z-1eoK80bteuIM9ptMHh--laPoY4_a2FN13a4bghYTu6qSP1RI_5rACEMuKCtCgtPD7kiaKUyDkujrpDMi-mEG0c4zqUsCRoh1hlQWmT8qKM6Oe76sef5bS6hOBgctzNyF9tYxmA6rwRGJxkYhkz1MsTwxxlyU2erM_-XiZmX4QuB2TZlKOIHhD0s7p6E_XxoO1ICuv34XJfs4_axlsNmd4GgpWNtDOpV61ZEtdpvxDIVE6GNoUaVLJBc-zaGMDYwVyr5siaYgVTiih-ASr1U8EzVZB1cyG1SOZAghxoD-TXckLn3Olld9cgjhbrAZlTCUHLiTYUKQV3-OUUqHZ60XFFAnh-nDXUTlir1hr8WEcuBfWY_ICSXpCn9JAk5W_slwKkeXSILFg-bCOQOLC3PLmdX8llMTvV7vlMl_1agLH_T6XtUdcKdH3V2tIp9qlRgNZQUcZVfc5dnT4EobuJLxQ9RzYvuwdcJLzCAQWVSSJ4YbZ02fhwBiRyICuYeRF5yoWI9fMzCggVIa782xcuUaGamMRG709-KULgobuM6TBq46NyxHq5sjk5ygCThPhdK86Zej3OFi2z8Qks1UpXdCsqKXJYTmm_kqNy-MCA-ktniOzPDPx-r1Dg8D2qd1im1BACwmImc65xc7tzsjGMRmvXyjDD6rNZj1jP6MUKpsdhTW7wskhjzVW89MN-NFrKUjHdrKnj_PDlVTBMjCq3-L3jcEw_YPave6fq-pw-gOqwPYDbSC1JpA2Bv3DIFV_fmWNCXW9fks7pBX4CAZQ9WY58ZlKyT72DroMaFqCy4q2JzbGBPWd-mTTYESkM8euiRDkgGXZpOLbuxhcVhOu-7stGPTZ3q4VksmQNqNVY-EHgCroUf0iKl6A2BWGWpEFdxzcHjdtCOdQlacm1hrvnC7MDabn8pGnmzs_ZLV4-I_c_whLUEjBdKRK3dVY9K1k29fKiz7qFj8yp9NGet_DzFe3wLvrN6yAaRI9YmwpiqFdf0UaA5pFbD1qQSLt40yq13qUrN2VLpR55mLOLkwYKR6y-LL2ciI6yeDxgiRV-2JJ26WkKUAEssmStk7SIZTjt2yYKb-dTzD7PVKaQ2ucsJy0ISGLYheRrBtWOueNGN81nDnbnS2KqBv4i5qh_AwGOvqGCjO59g6X9weJysnmjfjjk719KkcKHhteoLP0S-MJliDI4aXihO_bt6SpXBuxI8bwextAC0UTM5eBq1D4_Hp8H4dZy74xqh_ek0A1FH93HYjbUdogBBJ1jlazVoKknpKS0-Iv0H4ljPysdE9bMz-WdY7mbgw-JpxJDzpe8ibpYm29AQqnjjZk0p11YtbV4Olh0TfbPHjGkn-eTz_ut_NziB4mVD2m9bXraP5V88yezz1EjdASCtMrL1x_oIy2rj3NHoYQdOBRs7QBZJDdFKoK-MaDF3V7VpLBczQYCPafeFzRn_Os2OBim4CvS7f--bGyudMNboJ1hZMmevEApCkKYyjZk5cX2kto7e_qtBLBOT3E-gjY4lV4G2ny9y7j8O6vfSAWafyQyKLbRUlCYknIWmsr8zaMcFjyfxOcJQB3NM6KnJOo7u3gpukY_6yM10QudPu3pNujCcrAKJClHdZ4bkfjJyHv6tDqMshf6igyzs2hUi8vzWgraFuoGJtqTSkRE7aluOPwg9atNwcH0WOOREzHw2Fuwiyup0SDgDkxGfhCV9ycD5gkWW1hJTS5xA-D7sJNv6Umn558OIjWZZmR1-w-ce_pqKOfk2sXrMwb7U2HBImbNbmr52XZQWqho1DCna8zatmRrnyamR8Y7QF5tkR0T3RS-RNflPQvBL8TPdjZdlJWTbR8Lyeyni9EyWG772MPlWYMhOruslYLCoCWmxrQ4V8WOgwvvtuV1aZ4yjzaioC8l79aB3Q2UTcDjgcPXGBFqrAZ08Oq2uoZu6-9DNl-sA6zgDi3tHipz_m1Uj2G8UZXLchK6IdSDTHPqG34VhnvLgfrvQyBuVKIO4OlIN5TgXbBpUCTgN-Dz0GmnuGfsuYDZrbOMPg9aYdpO0RmxpYAHJmGSNCQkufWfhMJOiUdwu6uv_Y8amIlocboeCWMeCaqOZdlM8YSdGgX6U9sDBrM3PjeeO_IXxeGfiNER3Wy9PW5a1QYb6maEevvMFIwq9-WkEKA2nlkLFTZiz_B4SgVkYwI3fZOQEnfMQOYne2KPaeRAV8U0g-SQXZn6QPfaWT9vRDJk_HC2u_AKI9tt6IcvLBFxYw6HRTHulxlt3B2sTa9EdeQdMKle9Qw-p2YOK7pB5gxM7l3QSfLHtgFXptkMtNziAVItmJZRmj7oMAa3tNG4jHTPC4zfGaNueEDy4z4871qxDlMPUSPKMj0jnV7TFvJQYT2QdyveazUkEGHFqeGN5ndIZtQU_Amy-i2NoM_IE32JzAt1v2f3ZAZ2pG-mNtVyFZVYRIBKdArECfj8bTrADtiHvd4emsh_QTwNSNgc0u-70SMUc1rEk8ZrEFpYbn3bzga-DGIVQWD7vI3Bnk2xzglGdlB9xSOcbqiIKy1QSMzqnSR8Gui1sGObZ8dzv4yxds0LTyAwQKXA13I3jrMwL_rhB4rBGhcwva9JNdi0v4fjXOMV5U7zy__9HaxBhX0dEr2npt1agB2cEsn-Wip7YkaKQgAEiXkaBQD0xLPb7NUXH-incpvPlFv98q9xvKfhIk1ZBrrEjIw2D89YAE
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:400:1a9::4469 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4075e4e380188626166832e49f139f780a4d7a98a12cd8d83ef1aac70fc57489

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:23 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Aug 2022 11:29:43 GMT
Server: Microsoft-IIS/10.0
ETag: "806d3afd50aad81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3314

GET
H3 200 15330217252126883201
s0.2mdn.net/simgad/ Frame 3D6F 95 KB
95 KB 18ms
14ms Image
image/jpeg 2404:6800:4004:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15330217252126883201

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

606811dc9009defbaed94ebbbb8944faee9ff0c6fb8376a07380599dafd9eddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 05:00:37 GMT
x-content-type-options: nosniff
age: 529066
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96988
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 06:23:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 13 Aug 2023 05:00:37 GMT

GET
H/1.1

200
OK

sync
t.myvisualiq.net/ul_cb/ Frame 3D6F
Redirect Chain

https://tapestry.tapad.com/tapestry/1?ta_partner_id=950&ta_redirect=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3D1001%26ao%3D0%26pruuid%3DTAPAD_%24%7BIDS%3Akey%7D
https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_c8e1979f-482f-4ff3-b6ec-ae460cce94bd
https://t.myvisualiq.net/ul_cb/sync?prid=1001&ao=0&pruuid=TAPAD_c8e1979f-482f-4ff3-b6ec-ae460cce94bd

43 B
573 B

249ms
248ms

Image
image/gif

3.122.152.143

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/ul_cb/sync?prid=1001&ao=0&pruuid=TAPAD_c8e1979f-482f-4ff3-b6ec-ae460cce94bd
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 3.122.152.143 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Fri, 19 Aug 2022 07:58:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://t.myvisualiq.net/ul_cb/sync?prid=1001&ao=0&pruuid=TAPAD_c8e1979f-482f-4ff3-b6ec-ae460cce94bd
Date: Fri, 19 Aug 2022 07:58:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

impression_pixel
t.myvisualiq.net/ul_cb/ Frame 3D6F
Redirect Chain

https://t.myvisualiq.net/impression_pixel?r=848046535&et=i&ago=212&ao=843&aca=28270974&si=5775970&ci=175147885&pi=341925104&ad=533908242&advt=9689188&chnl=-7&vndr=115&sz=9606&u=~-~DBM_17824055734_4...
https://t.myvisualiq.net/ul_cb/impression_pixel?r=848046535&et=i&ago=212&ao=843&aca=28270974&si=5775970&ci=175147885&pi=341925104&ad=533908242&advt=9689188&chnl=-7&vndr=115&sz=9606&u=~-~DBM_1782405...

43 B
573 B

254ms
254ms

Image
image/gif

3.122.152.143

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/ul_cb/impression_pixel?r=848046535&et=i&ago=212&ao=843&aca=28270974&si=5775970&ci=175147885&pi=341925104&ad=533908242&advt=9689188&chnl=-7&vndr=115&sz=9606&u=~-~DBM_17824055734_436237023_ABAjH0jEj9g2Y8coCAIWk2k0rm69~-~&viq_did=&pt=i
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 3.122.152.143 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Fri, 19 Aug 2022 07:58:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://t.myvisualiq.net/ul_cb/impression_pixel?r=848046535&et=i&ago=212&ao=843&aca=28270974&si=5775970&ci=175147885&pi=341925104&ad=533908242&advt=9689188&chnl=-7&vndr=115&sz=9606&u=~-~DBM_17824055734_436237023_ABAjH0jEj9g2Y8coCAIWk2k0rm69~-~&viq_did=&pt=i
Date: Fri, 19 Aug 2022 07:58:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D163 1 KB
751 B 3ms
2ms Document
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 83285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 08:50:18 GMT
etag: 48472445140208031
expires: Fri, 19 Aug 2022 08:50:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3D6F 0
26 B 41ms
41ms Ping
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Aug 2022 07:58:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 3D6F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91d1c5caf31f2a5679ad8ae7689eec4cd42485f38e00b194858e510a6694c00b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dv-measurements2960.js Show response
cdn.doubleverify.com/ Frame 02D1 552 KB
106 KB 3ms
3ms Script
application/javascript 2600:140b:400:1a9::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2960.js
Requested by: Host: cloudo3.com
URL: https://cloudo3.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:400:1a9::4469 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 643942a00b0c0700ad1d39d440c61776f2cb6d3d1267830dc128637e15ecf9fd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:23 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Aug 2022 10:10:38 GMT
Server: Microsoft-IIS/10.0
ETag: "0e3fcf045aad81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 107745

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 29BB 43 B
215 B 172ms
171ms Image
image/gif 2600:1f18:1aca:4282:926:ca47:6d94:f346
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1109672&asId=7cc3d24f-1ed1-6da4-9b95-3e0a9f1ad477&tv=%7Bc:lINk4r,pingTime:-10,time:862,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNC4wLjUxMTIuMTAxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1660895903482%7C%7Ca4585493d85209b54c1df88cc54da486%7C%7C5804921a8d3c64b26a083c50aad655e9%7C%7Ca701a5c2a0167d54555b758e3277c99b%7C%7C5de31f4b911eabcdcbe2c05ff796dd71%7C%7C11f4871c6af3e9399c76d55127090c03%7C%7C8e19af9d6e3992566f509f675d52c201%7C%7Ce2306dee48dc75b59cd2d89f12cc7e1a%7C%7C1629390669%7D
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:926:ca47:6d94:f346 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mti/20743/ Frame 70B0 9 KB
9 KB 413ms
121ms Document
text/html 35.166.70.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mti/20743/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__icGHzSloME8NZ1QqlTIwRoPnWSbERH3Wb7BYkdwo-L-V_lfQhy3D-HN5abr-ivStFUdgwgfdqot4gy6UX6ZlYM7k2ocivz-PCYvsDIqhhwwilzalPT4DtpvehC12MFsk9F8JhKRg0pYCXZAZ1ryz1VZ9VPRf3jZJq4M8yBxhP2cqyal6uBBiJrVACB2kfiMqdoqh30cOf60HSHlaTD4cvYOPggEAToBCihkIjMG-EGBFfLoNbaIReG-bqdCTHXjysdrYPMAAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsu5zT66FE19UeJFQHBbd49GuKxgEypyUY2yoIZ0GxhXM3Su5baFVbgOGAEevrVwxsT0gjug8QYge3lJlOSDhmRUDTMPTuFbLahufNEIuALswB3cx5byvbDKYzFn3-FzUhm_nIYm88ur-F6Ehbv5WdAKUoqdUY6TnjWlOJ6CL4KkZynO99IjS8XodHriPzFaopZijo5pw_dbYxA2yQCAkboZzueQ9-Yzyhyo6kZSmTU6956fLfJU_9TIf6-1L1uBR9_L9Bwlr2iiv2uwjTz7jfU8K_floHUPwpDcRDVPIjlBAT_uO5V3JzNpTQoszJ9YPN689nn9Q6UYs6yFSMSxYQQCz0tcoCMqV5fa_WcOujIHowF0bX8MLe2yfec9K9S7w4hFJOdBKtfyEuow4BxJ_oJ-NcQZ4ic2A-JqY7ZCkNE1eOHXwni92YMXnsZ4VGf9nBEFJtcFpyX4C-Qv_dIht9pOcXur1kV-2zEzRkiYCSoshE15KgA0h2nDeexY08GHLg4pHI01xqjh0crmiKCTO5sQa8CMV3Pm0BXl-NvyHOUjK5d44Nkktj43fBJU3hYkYiJkgHgPL3qSAiXaHI8KGdG_NaXohfcHtD43-gQhNoV_9OKQmJjHcv71U8DhOZpyywZR7iyVtsQSdkliQDgnYdVCJ0YRY3bwfbcR2Heqqpbthi98zKDd87gUavuWM-9uqsIbM_8naVGATe-JDim0fdvVFzMuNYxuF03ICcVF4mEEfn6OsZIQVH2t1Gtjf0rCVWYp4xtimDgja9GyL4rYq0VxhY966ceXzz2zk-pR9nPWpVNNbGnWMDwj1ZoRV0UdQ3yNP-fvXUnvhJRDsqqDV9jTpmPKfR9iIQk7SoqBtleiOaQzHiaP9AnScnph2LALliimZ51e6AKAwo-AWRx5rJulSzGtfm-zezxFsGgT24_6TXyxBEJ6GbqSHKed6cTddUhHC6kUWUaOoGHOpIuOoGo5GtPJ-0vUCQhNYk2DcYnp-W0W-r7iwqmS1d0Ul_ojoTH0Mx6DRyDp-RO2xQB4BncKCVWXdac2x_BPQ-lem-TFAGMoxLwK3RtAPLfa0-WsRw-XtAebp8r3zfxQCCM2yaPcL6DoSI4zarllNGmSZJI64Ly7bWNlZxkqr7IJfn6HEsXvZADlyY__Ph_YQpTxxl3-q6D6-knRf0GszqUd-3H5Yb85Hec2ouGNq0-4BdNDuoN4pa8%2526sai%253DAMfl-YRa7sTSlDqWs_LlUnixEon-R2_64Dvs2OGcdHAqU6XEC3g3UqChZqRL2QxbBZdbs7xGm8bOYhzVqsHkv_eDBhtxJl4EbBU1ozuhnggtFn29HY_K7MxCONxXxbcIhm2N4jwx9XEQGNGnfdPzzKAg9-TwCHTnoaTASv8HWRHIGDgvDtMUCNy3edQKIQwh_i4Ig972YNkLypvN8kY6Woq1Pi-swfoCyEkOzGA%2526sig%253DCg0ArKJSzLkrr4nYZ-puEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=28195199&PLCMT_ID=341376302&AD_ID=534000586&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=341376302&cachebuster=1660895872&TC_1=cmm9q5m2ohy&TC_2=28195199&TC_3=341376302&TC_4=175149797&TC_5=dcmadvertiserid|8404942$dcmcampaignid|28195199$dcmadid|534000586$dcmrenderingid|175540445$dcmsiteid|6958819$dcmplacementid|341376302$customer|Microsoft$dv360auctionid|
Requested by: Host: cmp-as-tm.everesttech.net
URL: https://cmp-as-tm.everesttech.net/ads/cmp/s/2021/457933?w=160&h=600&s=5&dsp=Google+DCM&clk=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsu5zT66FE19UeJFQHBbd49GuKxgEypyUY2yoIZ0GxhXM3Su5baFVbgOGAEevrVwxsT0gjug8QYge3lJlOSDhmRUDTMPTuFbLahufNEIuALswB3cx5byvbDKYzFn3-FzUhm_nIYm88ur-F6Ehbv5WdAKUoqdUY6TnjWlOJ6CL4KkZynO99IjS8XodHriPzFaopZijo5pw_dbYxA2yQCAkboZzueQ9-Yzyhyo6kZSmTU6956fLfJU_9TIf6-1L1uBR9_L9Bwlr2iiv2uwjTz7jfU8K_floHUPwpDcRDVPIjlBAT_uO5V3JzNpTQoszJ9YPN689nn9Q6UYs6yFSMSxYQQCz0tcoCMqV5fa_WcOujIHowF0bX8MLe2yfec9K9S7w4hFJOdBKtfyEuow4BxJ_oJ-NcQZ4ic2A-JqY7ZCkNE1eOHXwni92YMXnsZ4VGf9nBEFJtcFpyX4C-Qv_dIht9pOcXur1kV-2zEzRkiYCSoshE15KgA0h2nDeexY08GHLg4pHI01xqjh0crmiKCTO5sQa8CMV3Pm0BXl-NvyHOUjK5d44Nkktj43fBJU3hYkYiJkgHgPL3qSAiXaHI8KGdG_NaXohfcHtD43-gQhNoV_9OKQmJjHcv71U8DhOZpyywZR7iyVtsQSdkliQDgnYdVCJ0YRY3bwfbcR2Heqqpbthi98zKDd87gUavuWM-9uqsIbM_8naVGATe-JDim0fdvVFzMuNYxuF03ICcVF4mEEfn6OsZIQVH2t1Gtjf0rCVWYp4xtimDgja9GyL4rYq0VxhY966ceXzz2zk-pR9nPWpVNNbGnWMDwj1ZoRV0UdQ3yNP-fvXUnvhJRDsqqDV9jTpmPKfR9iIQk7SoqBtleiOaQzHiaP9AnScnph2LALliimZ51e6AKAwo-AWRx5rJulSzGtfm-zezxFsGgT24_6TXyxBEJ6GbqSHKed6cTddUhHC6kUWUaOoGHOpIuOoGo5GtPJ-0vUCQhNYk2DcYnp-W0W-r7iwqmS1d0Ul_ojoTH0Mx6DRyDp-RO2xQB4BncKCVWXdac2x_BPQ-lem-TFAGMoxLwK3RtAPLfa0-WsRw-XtAebp8r3zfxQCCM2yaPcL6DoSI4zarllNGmSZJI64Ly7bWNlZxkqr7IJfn6HEsXvZADlyY__Ph_YQpTxxl3-q6D6-knRf0GszqUd-3H5Yb85Hec2ouGNq0-4BdNDuoN4pa8%26sai%3DAMfl-YRa7sTSlDqWs_LlUnixEon-R2_64Dvs2OGcdHAqU6XEC3g3UqChZqRL2QxbBZdbs7xGm8bOYhzVqsHkv_eDBhtxJl4EbBU1ozuhnggtFn29HY_K7MxCONxXxbcIhm2N4jwx9XEQGNGnfdPzzKAg9-TwCHTnoaTASv8HWRHIGDgvDtMUCNy3edQKIQwh_i4Ig972YNkLypvN8kY6Woq1Pi-swfoCyEkOzGA%26sig%3DCg0ArKJSzLkrr4nYZ-puEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&dsp_bu_id=28195199&dsp_pa_id=341376302&dsp_si_id=6958819&dsp_ad_id=534000586&dsp_cr_id=175149797&dp1=341376302&tc_1=cmm9q5m2ohy&tc_2=28195199&tc_3=341376302&tc_4=175149797&tc_5=dcmadvertiserid|8404942$dcmcampaignid|28195199$dcmadid|534000586$dcmrenderingid|175540445$dcmsiteid|6958819$dcmplacementid|341376302$customer|Microsoft$dv360auctionid|
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.70.223 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-70-223.us-west-2.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: cf0b920168c8eed2e39b10b11c69b62ab9ceda384203ab3e607fad14dcece1bc

Request headers

Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: text/html;charset=utf-8
date: Fri, 19 Aug 2022 07:58:23 GMT
expires: Fri Aug 19 07:58:23 UTC 2022
p3p: NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT
pragma: no-cache
server: AMO-jAds/1.1

GET
H2 200 imp
statsf-tm.everesttech.net/stats/1/ Frame 29BB 85 B
176 B 884ms
870ms Image
image/png 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statsf-tm.everesttech.net/stats/1/imp?cmpo=t&cmpe=H4sIAAAAAAAAAAHAAD__icGHzSloME8NZ1QqlTIwRoPnWSbERH3Wb7BYkdwo-L-V_lfQhy3D-HN5abr-ivStFUdgwgfdqot4gy6UX6ZlYM7k2ocivz-PCYvsDIqhhwwilzalPT4DtpvehC12MFsk9F8JhKRg0pYCXZAZ1ryz1VZ9VPRf3jZJq4M8yBxhP2cqyal6uBBiJrVACB2kfiMqdoqh30cOf60HSHlaTD4cvYOPggEAToBCihkIjMG-EGBFfLoNbaIReG-bqdCTHXjysdrYPMAAAAA
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:24 GMT
via: 1.1 varnish
x-pt: P=379
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits: 0
x-region: Asia
content-length: 85
x-served-by: cache-tyo11920-TYO
pragma: no-cache
server: Jetty(9.4.35.v20201120)
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Fri, 19 Aug 2022 07:58:24 GMT

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mti/20743/ Frame 0C28 9 KB
9 KB 515ms
234ms Document
text/html 35.166.70.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mti/20743/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__aOhazz3vVtdCrbylgtnnrONeraAFVY-ykhqlgrRMZyjPRpJljUohppBY16T1Yoq7wIrqaRMqES6on9UXuJVhShm8WHblcnypRgUBvdo2e6eSB7HIVuiKeLDNwfaJfMDH1Psu9q38ylXKu8xEIKJaC_yoLfr-1rdC-ZqdO3G9r7Iwi-ES-DavGZFMj3MppX6u61RrNUv1RsdejIaXiteXTKmuFo6ooqgEPhNcti0mqwtL0_eAadQShDKSoEHDnGOo5kH5YcAAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsuvpEVPWSCafncHCgkVqJJDAhsGGaCrF2TnVdAv_0KjaOgZ5ygn1HhzRWhGyFtxkJZKn4nssFsVP6AqhyRzKKXsx8m-0wdgkfQFUlK7aSmyC0S4beYFkt8aBFTjwfY11xJFkgXyUFgGCbC4AMgAe5cPRIlxAUipA-vDY9XoEtaeoHGDJJaJMQw12EMsm791caXc6BNPhaQAt4MEuDrWqY5drrMD6EmwoGUQ3xMYju5W2XXUHCYXyMPHHOvg-yrYzhrTrFh-EPSmsUA1fUtD3NmsF6Vb4-9eS-R7XP0RgoVZL0XV3aSwdXAS8M5q4ZTLFlupVkF97PxSdcpaiqgoy_9MmcmfSa2rxD0-xRVZrhiykRw6y_fhTNJuXpltN6J6iR6dF0lNzGag6prkbg4fZdB01Pdkxhh9GK8tW8nzI0etczC6w49RH4gLG9k-qirHev6HzGl1GyfizEowJVtimJWu7Ys8_q0TSW3eOilSKM-4sJA20UX3J3c0b-RLV8dyWGeU2oMCauxNQBS-YrsPlMfBy2_PCGQrjGu__KvQcgatpyReVlqXOSl3Y3uySpb6mWQNSaMP-qI-PFCGJuvlyFnY2PoN1KK7gc_lHyNi3Z7PkMkElOouPuBOC92MfZxRxaOOW-pI0PkZAoRX2qu1s59ykeH4jsCFHMXImtNfmPNyOT17ZTtHaNqkSKv5X5bqY1szjF6sXN0aaEroPJyKQiNozMnwIcTEjtsbNhyhG6arI9sI0uPGDneJ_ol481UzCHnY37eCXPvRjHsp40mEfqhEq14uPQ8taf5cDAp5MjiURjZomoHt_boEvt0vIMbA_AhyFgbHEwy0r1XwPrbWvuGqz5EYP1kPl6ofvn4dXrKKId-E3R8aPnuNsFGx4_rakEdo7kK0T1eUfAAvWeondklu7gTaCiO574tEzMq2PgguCjraz4a5tqi9rAkWbOKVj5Kwe2NxHR0INmzJX5Uxb6kn1E_z_2iHd8_c6xjlh7oybYz0Dpx-vLKc3sBIVYV_wwLWowUp7LhDHt-nPAxG_gkrfskk0n22Ndg6eoFbKcprtTo54bIIP6EWPfqy-fRsYQD2mcvZJAzDq2l59h2WHPstqS3Olk1Xyfut1cGuDlXfTG21ZQ8KheWVhrsKu7a27VOrnAl9_xRPk4uwr0IuYL3afNoxCpJNX7vaqd5YSFbLG5aOMVMOO2vLmuKGl0X2fNZzdLXqTsEO%2526sai%253DAMfl-YRfesTWX_bR-y98Ru-t31V5KCi8M2XXhuRWOUqlqwRLisMbp59kOJOBO2bK_BE-n5zheT9AS9NtFhcPIOWEz7I_SQUawQvcYIz3y8FqhvF-zor2EPS8RRmBHPFPyJQexYnJx7r24WKH3oJW-fctCNHD7xNvYJD6Mw6u6T7fuPNM9W-Nit-OCmAKF8SfwiSJsU5JailJm_c_dqEu9MSWHjwvn_wov0wGD7k%2526sig%253DCg0ArKJSzPekn0F5kSKTEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=28195199&PLCMT_ID=341376302&AD_ID=534000586&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=341376302&cachebuster=1660895872&TC_1=cmm9q5m2ohy&TC_2=28195199&TC_3=341376302&TC_4=175149797&TC_5=dcmadvertiserid|8404942$dcmcampaignid|28195199$dcmadid|534000586$dcmrenderingid|175540445$dcmsiteid|6958819$dcmplacementid|341376302$customer|Microsoft$dv360auctionid|
Requested by: Host: cmp-as-tm.everesttech.net
URL: https://cmp-as-tm.everesttech.net/ads/cmp/s/2021/457933?w=160&h=600&s=5&dsp=Google+DCM&clk=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuvpEVPWSCafncHCgkVqJJDAhsGGaCrF2TnVdAv_0KjaOgZ5ygn1HhzRWhGyFtxkJZKn4nssFsVP6AqhyRzKKXsx8m-0wdgkfQFUlK7aSmyC0S4beYFkt8aBFTjwfY11xJFkgXyUFgGCbC4AMgAe5cPRIlxAUipA-vDY9XoEtaeoHGDJJaJMQw12EMsm791caXc6BNPhaQAt4MEuDrWqY5drrMD6EmwoGUQ3xMYju5W2XXUHCYXyMPHHOvg-yrYzhrTrFh-EPSmsUA1fUtD3NmsF6Vb4-9eS-R7XP0RgoVZL0XV3aSwdXAS8M5q4ZTLFlupVkF97PxSdcpaiqgoy_9MmcmfSa2rxD0-xRVZrhiykRw6y_fhTNJuXpltN6J6iR6dF0lNzGag6prkbg4fZdB01Pdkxhh9GK8tW8nzI0etczC6w49RH4gLG9k-qirHev6HzGl1GyfizEowJVtimJWu7Ys8_q0TSW3eOilSKM-4sJA20UX3J3c0b-RLV8dyWGeU2oMCauxNQBS-YrsPlMfBy2_PCGQrjGu__KvQcgatpyReVlqXOSl3Y3uySpb6mWQNSaMP-qI-PFCGJuvlyFnY2PoN1KK7gc_lHyNi3Z7PkMkElOouPuBOC92MfZxRxaOOW-pI0PkZAoRX2qu1s59ykeH4jsCFHMXImtNfmPNyOT17ZTtHaNqkSKv5X5bqY1szjF6sXN0aaEroPJyKQiNozMnwIcTEjtsbNhyhG6arI9sI0uPGDneJ_ol481UzCHnY37eCXPvRjHsp40mEfqhEq14uPQ8taf5cDAp5MjiURjZomoHt_boEvt0vIMbA_AhyFgbHEwy0r1XwPrbWvuGqz5EYP1kPl6ofvn4dXrKKId-E3R8aPnuNsFGx4_rakEdo7kK0T1eUfAAvWeondklu7gTaCiO574tEzMq2PgguCjraz4a5tqi9rAkWbOKVj5Kwe2NxHR0INmzJX5Uxb6kn1E_z_2iHd8_c6xjlh7oybYz0Dpx-vLKc3sBIVYV_wwLWowUp7LhDHt-nPAxG_gkrfskk0n22Ndg6eoFbKcprtTo54bIIP6EWPfqy-fRsYQD2mcvZJAzDq2l59h2WHPstqS3Olk1Xyfut1cGuDlXfTG21ZQ8KheWVhrsKu7a27VOrnAl9_xRPk4uwr0IuYL3afNoxCpJNX7vaqd5YSFbLG5aOMVMOO2vLmuKGl0X2fNZzdLXqTsEO%26sai%3DAMfl-YRfesTWX_bR-y98Ru-t31V5KCi8M2XXhuRWOUqlqwRLisMbp59kOJOBO2bK_BE-n5zheT9AS9NtFhcPIOWEz7I_SQUawQvcYIz3y8FqhvF-zor2EPS8RRmBHPFPyJQexYnJx7r24WKH3oJW-fctCNHD7xNvYJD6Mw6u6T7fuPNM9W-Nit-OCmAKF8SfwiSJsU5JailJm_c_dqEu9MSWHjwvn_wov0wGD7k%26sig%3DCg0ArKJSzPekn0F5kSKTEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&dsp_bu_id=28195199&dsp_pa_id=341376302&dsp_si_id=6958819&dsp_ad_id=534000586&dsp_cr_id=175149797&dp1=341376302&tc_1=cmm9q5m2ohy&tc_2=28195199&tc_3=341376302&tc_4=175149797&tc_5=dcmadvertiserid|8404942$dcmcampaignid|28195199$dcmadid|534000586$dcmrenderingid|175540445$dcmsiteid|6958819$dcmplacementid|341376302$customer|Microsoft$dv360auctionid|
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.70.223 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-70-223.us-west-2.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: 83708d8edf30d5f37508415f9b86fbf492a40a971cddbb5073609ecd17b973db

Request headers

Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: text/html;charset=utf-8
date: Fri, 19 Aug 2022 07:58:23 GMT
expires: Fri Aug 19 07:58:23 UTC 2022
p3p: NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT
pragma: no-cache
server: AMO-jAds/1.1

GET
H2 200 imp
statsf-tm.everesttech.net/stats/1/ Frame CF93 85 B
352 B 218ms
215ms Image
image/png 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statsf-tm.everesttech.net/stats/1/imp?cmpo=t&cmpe=H4sIAAAAAAAAAAHAAD__aOhazz3vVtdCrbylgtnnrONeraAFVY-ykhqlgrRMZyjPRpJljUohppBY16T1Yoq7wIrqaRMqES6on9UXuJVhShm8WHblcnypRgUBvdo2e6eSB7HIVuiKeLDNwfaJfMDH1Psu9q38ylXKu8xEIKJaC_yoLfr-1rdC-ZqdO3G9r7Iwi-ES-DavGZFMj3MppX6u61RrNUv1RsdejIaXiteXTKmuFo6ooqgEPhNcti0mqwtL0_eAadQShDKSoEHDnGOo5kH5YcAAAAA
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:23 GMT
via: 1.1 varnish
x-pt: P=175
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits: 0
x-region: Asia
content-length: 85
x-served-by: cache-tyo11920-TYO
pragma: no-cache
server: Jetty(9.4.35.v20201120)
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Fri, 19 Aug 2022 07:58:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1BED 1 KB
751 B 2ms
2ms Document
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 83285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 08:50:18 GMT
etag: 48472445140208031
expires: Fri, 19 Aug 2022 08:50:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A736 1 KB
751 B 3ms
2ms Document
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 83285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 08:50:18 GMT
etag: 48472445140208031
expires: Fri, 19 Aug 2022 08:50:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 29BB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a4e9ce00cd94a19e58d8fce21b6580b42f15bcf926cc2b2c0f06af2e09c0231

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CF93 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 512a01a7575956f163709351485663ea58aa5ce339aed436364ef81c4fc5e631

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 02D1 1009 B
857 B 330ms
98ms Script
text/javascript 69.174.120.105
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=107&ttfrms=25&brid=3&brver=104.0.5112.101&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau4%3D%40F5%40b%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau4%3D%40F5%40b%5D4%40%3ETar9EEADTbpTauTau5afch222%60gehbb3h4_a%60cc56%60ae3gh2c%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=3297&ddur=20&uid=1660895903587567&jsCallback=dvCallback_1660895903587746&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.101%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=2960&tgjsver=2960&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fd2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=23&brh=2&sdf=2&dvp_epl=217&noc=4&nav_pltfrm=Win32&ctx=11025772&cmp=28270974&sid=5775970&plc=341925104&crt=175147885&btreg=533908242&btadsrv=doubleclick&adsrv=1&advid=9689188&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=134773217.99124077&dvp_tukv=6848347637.049732&dvp_uuid=4784066079.919&dvp_strhd=0.40000152587890625&dvpx_strhd=0.40000152587890625&dvp_tuid=359233605855
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2960.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.174.120.105 Avondale, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 735714f4a98c762a2017a2bd61319e06c8b94eb993b0947c2656d7e0b5be118c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Aug 2022 07:58:23 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 08/18/2022 07:58:23

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D163
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGEjWOqetpU3JLkTpoV5Gjc&google_cver=1&google_push=AehlK4CzkSPeR_yxq2myD9I00FFHKk0Wt-RvR8LQna6xzDDdvLBKVyC8xNnT-Zlst2xZmpxhIsRfs3zt02Mvsqdc...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4CzkSPeR_yxq2myD9I00FFHKk0Wt-RvR8LQna6xzDDdvLBKVyC8xNnT-Zlst2xZmpxhIsRfs3zt02MvsqdcQ3tKeatQIKN0DA

170 B
188 B

89ms
88ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4CzkSPeR_yxq2myD9I00FFHKk0Wt-RvR8LQna6xzDDdvLBKVyC8xNnT-Zlst2xZmpxhIsRfs3zt02MvsqdcQ3tKeatQIKN0DA

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 19 Aug 2022 07:58:23 GMT
Server: MT3 4494 7cf1da7 master hkg-pixel-x20 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4CzkSPeR_yxq2myD9I00FFHKk0Wt-RvR8LQna6xzDDdvLBKVyC8xNnT-Zlst2xZmpxhIsRfs3zt02MvsqdcQ3tKeatQIKN0DA
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 19 Aug 2022 07:58:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D163
Redirect Chain

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEMTN3BTTXMyhthW7I1iqdbk&google_cver=1&google_push=AehlK4A4zIZ5g3iZwuTF3hVaOxn4s2W4VagrVTjJ2QLI8Mah0j01lriaC6ilw_0OzBGJNDXIPMkdQBQhwPjoAxveBf8UKmH9...
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AehlK4A4zIZ5g3iZwuTF3hVaOxn4s2W4VagrVTjJ2QLI8Mah0j01lriaC6ilw_0OzBGJNDXIPMkdQBQhwPjoAxveBf8UKmH9pvhyOA

170 B
188 B

85ms
85ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AehlK4A4zIZ5g3iZwuTF3hVaOxn4s2W4VagrVTjJ2QLI8Mah0j01lriaC6ilw_0OzBGJNDXIPMkdQBQhwPjoAxveBf8UKmH9pvhyOA

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AehlK4A4zIZ5g3iZwuTF3hVaOxn4s2W4VagrVTjJ2QLI8Mah0j01lriaC6ilw_0OzBGJNDXIPMkdQBQhwPjoAxveBf8UKmH9pvhyOA
Date: Fri, 19 Aug 2022 07:58:23 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D163
Redirect Chain

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEGgZ4LsKhp7V9mSfgyUrwJs&google_cver=1&google_push=AehlK4Dpv8xg3pSBMhqv7sOyXWkkGI3WLMd2la_0TXyq84zvLtmIZEZbm7XYX6Vjv23w6SD-RUvczaSjbN_fAWczs...
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEGgZ4LsKhp7V9mSfgyUrwJs&google_cver=1&google_push=AehlK4Dpv8xg3pSBMhqv7sOyXWkkGI3WLMd2la_0TXyq84zvLtmIZEZbm7XYX6Vjv23w6SD-RUvczaSjbN_...
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AehlK4Dpv8xg3pSBMhqv7sOyXWkkGI3WLMd2la_0TXyq84zvLtmIZEZbm7XYX6Vjv23w6SD-RUvczaSjbN_fAWczsOouBmPF99YTUg&google_hm=VGcPgg44RIaR...

170 B
188 B

90ms
89ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AehlK4Dpv8xg3pSBMhqv7sOyXWkkGI3WLMd2la_0TXyq84zvLtmIZEZbm7XYX6Vjv23w6SD-RUvczaSjbN_fAWczsOouBmPF99YTUg&google_hm=VGcPgg44RIaRX4j3e_NwIg==

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AehlK4Dpv8xg3pSBMhqv7sOyXWkkGI3WLMd2la_0TXyq84zvLtmIZEZbm7XYX6Vjv23w6SD-RUvczaSjbN_fAWczsOouBmPF99YTUg&google_hm=VGcPgg44RIaRX4j3e_NwIg==
Date: Fri, 19 Aug 2022 07:58:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET adx_sync
ad.audience73.com/ Frame D163 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D163
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEOHohCojwm7qirEkzDBGD64&c_param1=AehlK4AZMfpO_sPHB5Mtg7SgHX5eovSry0iUeP59NcbPETLCgoFOie3adKQgaE7Y69WzoN4610nM0go7JL3WcRW0Iu185fPpqbEWRQ&gdpr=%%GDPR%...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4AZMfpO_sPHB5Mtg7SgHX5eovSry0iUeP59NcbPETLCgoFOie3adKQgaE7Y69WzoN4610nM0go7JL3WcRW0Iu185fPpqbEWRQ

170 B
188 B

40ms
40ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4AZMfpO_sPHB5Mtg7SgHX5eovSry0iUeP59NcbPETLCgoFOie3adKQgaE7Y69WzoN4610nM0go7JL3WcRW0Iu185fPpqbEWRQ

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4AZMfpO_sPHB5Mtg7SgHX5eovSry0iUeP59NcbPETLCgoFOie3adKQgaE7Y69WzoN4610nM0go7JL3WcRW0Iu185fPpqbEWRQ
date: Fri, 19 Aug 2022 07:58:24 GMT
server: nginx/1.19.0
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D163
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGP1TCNObYLOU7LjS3utoW0&google_cver=1&google_push=AehlK4BavOtS80hGkgrm4Tcp1HqHbh9deYaWIpP-jC_TCFIs2rXkrD1WEB3JZK1PFUxD9rtzh0gpEb2WY4lnM...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGP1TCNObYLOU7LjS3utoW0&google_push=AehlK4BavOtS80hGkgrm4Tcp1HqHbh9deYaWIpP-jC_TCFIs2rXkrD1WEB3JZK1PFUxD9rtzh0gpEb2WY4lnM...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4BavOtS80hGkgrm4Tcp1HqHbh9deYaWIpP-jC_TCFIs2rXkrD1WEB3JZK1PFUxD9rtzh0gpEb2WY4lnMODceeF3MzRdhR7Dug&google_hm=ejBnc0xzcXB5ZUtzYX...

170 B
188 B

39ms
38ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4BavOtS80hGkgrm4Tcp1HqHbh9deYaWIpP-jC_TCFIs2rXkrD1WEB3JZK1PFUxD9rtzh0gpEb2WY4lnMODceeF3MzRdhR7Dug&google_hm=ejBnc0xzcXB5ZUtzYXdzNzBIRkI=

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 19 Aug 2022 07:58:24 GMT
P3p: CP="We do not support P3P header."
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4BavOtS80hGkgrm4Tcp1HqHbh9deYaWIpP-jC_TCFIs2rXkrD1WEB3JZK1PFUxD9rtzh0gpEb2WY4lnMODceeF3MzRdhR7Dug&google_hm=ejBnc0xzcXB5ZUtzYXdzNzBIRkI=
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 238
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D163
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEOSnflgUC2XXiJrJK2G3eJo&google_cver=1&google_push=AehlK4B3XVvn0DbRfPmKlci6BigFXY1NSbJwOyJOf2Qx7mlqdvYZTmzbZ5DCoZdAJlsrftm3jXsMS...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4B3XVvn0DbRfPmKlci6BigFXY1NSbJwOyJOf2Qx7mlqdvYZTmzbZ5DCoZdAJlsrftm3jXsMSNl8cl-iw2ayKBrI1JRU8muwaQ&google_hm=WXY5Q244Q...

170 B
188 B

101ms
101ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4B3XVvn0DbRfPmKlci6BigFXY1NSbJwOyJOf2Qx7mlqdvYZTmzbZ5DCoZdAJlsrftm3jXsMSNl8cl-iw2ayKBrI1JRU8muwaQ&google_hm=WXY5Q244Q284WVVBQUVYZENuZ0FBQUFB

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 21
Date: Fri, 19 Aug 2022 07:58:23 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEOSnflgUC2XXiJrJK2G3eJo&google_cver=1&google_push=AehlK4B3XVvn0DbRfPmKlci6BigFXY1NSbJwOyJOf2Qx7mlqdvYZTmzbZ5DCoZdAJlsrftm3jXsMSNl8cl-iw2ayKBrI1JRU8muwaQ","cluster_id":21,"gdpr":false,"ipv4":"217.138.252.171","key":"Yv9Cn8Co8YUAAEXdCngAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40187"}
X-SO-Ads-Time: 3
X-SO-Key: Yv9Cn8Co8YUAAEXdCngAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40187
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4B3XVvn0DbRfPmKlci6BigFXY1NSbJwOyJOf2Qx7mlqdvYZTmzbZ5DCoZdAJlsrftm3jXsMSNl8cl-iw2ayKBrI1JRU8muwaQ&google_hm=WXY5Q244Q284WVVBQUVYZENuZ0FBQUFB
Cache-Control: private
X-SO-HostName: a-ad40187.dc2p.scaleout.jp
Connection: keep-alive
Content-Length: 0
X-SO-LB-Hostname: m-tgng33.dc4p.scaleout.jp
X-SO-IP: 217.138.252.171

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D163 0
12 B 96ms
95ms Image
text/html 172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-DLFY6bfuZt6On2kNxbZ2KhkTzzD2tpAUa3gwq99QDUSahTA58z7SrI-nbXSYeHVxcESV

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1BED
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESENVU-BDS0uL4R5LAnT7HIWg&google_cver=1&google_push=AehlK4C-FWRetMv8-6AGvn9cV1xth-FiaLiV7SxBvzzMtgAl10KnHStB5mRlf-QCUoEeogJqAPaU1...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4C-FWRetMv8-6AGvn9cV1xth-FiaLiV7SxBvzzMtgAl10KnHStB5mRlf-QCUoEeogJqAPaU1wEP_qVl2dpROSfB22UyjoJD

170 B
188 B

88ms
88ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4C-FWRetMv8-6AGvn9cV1xth-FiaLiV7SxBvzzMtgAl10KnHStB5mRlf-QCUoEeogJqAPaU1wEP_qVl2dpROSfB22UyjoJD

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 19 Aug 2022 07:58:23 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 2995B78D51F74FA18E7F01F4C2B3F41E Ref B: TYBEDGE0307 Ref C: 2022-08-19T07:58:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4C-FWRetMv8-6AGvn9cV1xth-FiaLiV7SxBvzzMtgAl10KnHStB5mRlf-QCUoEeogJqAPaU1wEP_qVl2dpROSfB22UyjoJD
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXmk3ZZK+egXcDGZVjz6w==

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 1BED 0
173 B 94ms
81ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELI_fppdH-6g-lZd1ZgQN70&google_cver=1&google_push=AehlK4CqtmsHlPbDXnkWRodE51SFIJ-Zlv5PuhXNJf_Zs4HJ6YgQBu7IW1-2Q1gLNDvi1VC-mUXaldgm57xOgLO7icRrXpMLbUA
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1BED
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEMFvWev2YRQ9OxKYTzTSBts&google_cver=1&google_push=AehlK4DiChN7mXnHtJ62MllUp2a0jI3HPSEeQwuxb16DwQPzabrlvc6FXDVH2WCyqQInPV3ShZTqNUbDNmSEbK6PwevMSNBOfDq0
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODBERjUzMDE4NkI5NTY2NA==

170 B
188 B

40ms
40ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODBERjUzMDE4NkI5NTY2NA==

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODBERjUzMDE4NkI5NTY2NA==
date: Fri, 19 Aug 2022 07:58:24 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1BED
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGP1TCNObYLOU7LjS3utoW0&google_cver=1&google_push=AehlK4BN3RXY5XXESggKYtFJWxPnKV6KMiCtKiCWtdzSHN3KWPvR0P2F1feicsNSDVQcK-WN9r2etQn976PMy...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGP1TCNObYLOU7LjS3utoW0&google_push=AehlK4BN3RXY5XXESggKYtFJWxPnKV6KMiCtKiCWtdzSHN3KWPvR0P2F1feicsNSDVQcK-WN9r2etQn976PMy...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4BN3RXY5XXESggKYtFJWxPnKV6KMiCtKiCWtdzSHN3KWPvR0P2F1feicsNSDVQcK-WN9r2etQn976PMyyB129UZfXDSBLg&google_hm=NksxZ3ppcXpUSDZES3UzO...

170 B
188 B

39ms
37ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4BN3RXY5XXESggKYtFJWxPnKV6KMiCtKiCWtdzSHN3KWPvR0P2F1feicsNSDVQcK-WN9r2etQn976PMyyB129UZfXDSBLg&google_hm=NksxZ3ppcXpUSDZES3UzOC16Ulg=

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 19 Aug 2022 07:58:24 GMT
P3p: CP="We do not support P3P header."
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4BN3RXY5XXESggKYtFJWxPnKV6KMiCtKiCWtdzSHN3KWPvR0P2F1feicsNSDVQcK-WN9r2etQn976PMyyB129UZfXDSBLg&google_hm=NksxZ3ppcXpUSDZES3UzOC16Ulg=
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 235
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1BED
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEHwufyhoFofmmyxMVeJLMlY&google_cver=1&google_push=AehlK4CWNK0q0zAD80D2PKbsoNHyM2_w0P4egVcpbP-Ih7QteXMYxpTOQEn3dOBDPBLaL5KQFmcOO1RZgSuZmby4zQEerv-eOviw
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4CWNK0q0zAD80D2PKbsoNHyM2_w0P4egVcpbP-Ih7QteXMYxpTOQEn3dOBDPBLaL5KQFmcOO1RZgSuZmby4zQEerv-eOviw&google_hm=Zzc2NjI3MjgyMjM1N2Y5...

170 B
188 B

92ms
92ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4CWNK0q0zAD80D2PKbsoNHyM2_w0P4egVcpbP-Ih7QteXMYxpTOQEn3dOBDPBLaL5KQFmcOO1RZgSuZmby4zQEerv-eOviw&google_hm=Zzc2NjI3MjgyMjM1N2Y5MWJjOTk=

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4CWNK0q0zAD80D2PKbsoNHyM2_w0P4egVcpbP-Ih7QteXMYxpTOQEn3dOBDPBLaL5KQFmcOO1RZgSuZmby4zQEerv-eOviw&google_hm=Zzc2NjI3MjgyMjM1N2Y5MWJjOTk=
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1BED
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEOSnflgUC2XXiJrJK2G3eJo&google_cver=1&google_push=AehlK4DZ99dJU0PjGky1b22weF_n9jcftl5hKlbMJcW2xAB-TVbmEf3E68ICCHl73c03ecUFJqi1A...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4DZ99dJU0PjGky1b22weF_n9jcftl5hKlbMJcW2xAB-TVbmEf3E68ICCHl73c03ecUFJqi1AUtP-T8sKt2SWevF2EGhHVc&google_hm=WXY5Q244Q284...

170 B
188 B

92ms
92ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4DZ99dJU0PjGky1b22weF_n9jcftl5hKlbMJcW2xAB-TVbmEf3E68ICCHl73c03ecUFJqi1AUtP-T8sKt2SWevF2EGhHVc&google_hm=WXY5Q244Q284WDhBQU9CU0FKRUFBQUFB

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 26
Date: Fri, 19 Aug 2022 07:58:23 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEOSnflgUC2XXiJrJK2G3eJo&google_cver=1&google_push=AehlK4DZ99dJU0PjGky1b22weF_n9jcftl5hKlbMJcW2xAB-TVbmEf3E68ICCHl73c03ecUFJqi1AUtP-T8sKt2SWevF2EGhHVc","cluster_id":26,"gdpr":false,"ipv4":"217.138.252.171","key":"Yv9Cn8Co8X8AAOBSAJEAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad218"}
X-SO-Ads-Time: 3
X-SO-Key: Yv9Cn8Co8X8AAOBSAJEAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad218
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4DZ99dJU0PjGky1b22weF_n9jcftl5hKlbMJcW2xAB-TVbmEf3E68ICCHl73c03ecUFJqi1AUtP-T8sKt2SWevF2EGhHVc&google_hm=WXY5Q244Q284WDhBQU9CU0FKRUFBQUFB
Cache-Control: private
X-SO-HostName: m-ad218.dc4p.scaleout.jp
Connection: keep-alive
Content-Length: 0
X-SO-LB-Hostname: m-tgng27.dc4p.scaleout.jp
X-SO-IP: 217.138.252.171

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1BED
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESENVplC3zlFOyiXM6g7nS-Ew&google_cver=1&google_push=AehlK4AfkL0Cu20-2y3Aa_IOL_asYDj6XpwTTGx8vILjJNs2NTTvyalz4nld_sC8zasuBarrF0FvQVp4Y2RnPb_H5UlPTF9pPguJ
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4AfkL0Cu20-2y3Aa_IOL_asYDj6XpwTTGx8vILjJNs2NTTvyalz4nld_sC8zasuBarrF0FvQVp4Y2RnPb_H5UlPTF9pPguJ&google_hm=c4b2c0eac7a950bce5a...

170 B
188 B

87ms
87ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4AfkL0Cu20-2y3Aa_IOL_asYDj6XpwTTGx8vILjJNs2NTTvyalz4nld_sC8zasuBarrF0FvQVp4Y2RnPb_H5UlPTF9pPguJ&google_hm=c4b2c0eac7a950bce5ada634523981a3

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4AfkL0Cu20-2y3Aa_IOL_asYDj6XpwTTGx8vILjJNs2NTTvyalz4nld_sC8zasuBarrF0FvQVp4Y2RnPb_H5UlPTF9pPguJ&google_hm=c4b2c0eac7a950bce5ada634523981a3
date: Fri, 19 Aug 2022 07:58:23 GMT
server: nginx
content-type: text/html; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1BED 0
12 B 85ms
82ms Image
text/html 172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IzHdHroa0E7gb4BamaVewE9yMkQadIQw-IEnJGBz0es6MTnNG-5tYBYZtRKMhlongJRQ01

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A736
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGEjWOqetpU3JLkTpoV5Gjc&google_cver=1&google_push=AehlK4BinF6tjXkfUvBEB5T5k7doR514R_cbzOqvtPgF_Xb3N-YFebVdqUhErwR05Mp3yUotvyr_kecWwkvIxtsV...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4BinF6tjXkfUvBEB5T5k7doR514R_cbzOqvtPgF_Xb3N-YFebVdqUhErwR05Mp3yUotvyr_kecWwkvIxtsVm0cIMhnCD6Um

170 B
188 B

38ms
38ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4BinF6tjXkfUvBEB5T5k7doR514R_cbzOqvtPgF_Xb3N-YFebVdqUhErwR05Mp3yUotvyr_kecWwkvIxtsVm0cIMhnCD6Um

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 19 Aug 2022 07:58:23 GMT
Server: MT3 4494 7cf1da7 master hkg-pixel-x19 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4BinF6tjXkfUvBEB5T5k7doR514R_cbzOqvtPgF_Xb3N-YFebVdqUhErwR05Mp3yUotvyr_kecWwkvIxtsVm0cIMhnCD6Um
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 19 Aug 2022 07:58:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A736
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEGRA0nGx2ZM46FLdIht2nR8&google_cver=1&google_push=AehlK4DMjKulMRXSNFdi0q3Wc6Lp91_QasJWcDdx90GKbHU7lHO7fjbEXiMai-wf1cFoNY_gCbY92s3bNGaamcROC4ucT96GVxz2
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4DMjKulMRXSNFdi0q3Wc6Lp91_QasJWcDdx90GKbHU7lHO7fjbEXiMai-wf1cFoNY_gCbY92s3bNGaamcROC4ucT96GVxz2&google_hm=e4Bx0JqSxO419VJ_dgt1gA==

170 B
188 B

89ms
89ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4DMjKulMRXSNFdi0q3Wc6Lp91_QasJWcDdx90GKbHU7lHO7fjbEXiMai-wf1cFoNY_gCbY92s3bNGaamcROC4ucT96GVxz2&google_hm=e4Bx0JqSxO419VJ_dgt1gA==

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4DMjKulMRXSNFdi0q3Wc6Lp91_QasJWcDdx90GKbHU7lHO7fjbEXiMai-wf1cFoNY_gCbY92s3bNGaamcROC4ucT96GVxz2&google_hm=e4Bx0JqSxO419VJ_dgt1gA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: k7a8jeopplje0dhglap5tr9gqsp8qoel

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame A736 0
41 B 4ms
1ms Image
text/html 103.231.99.243
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBmsyxwse7iONWRudkFZRnc&google_cver=1&google_push=AehlK4BPEBtA-ErZJQKpJEv5Pd5Y_oTiOWSRsiOklIaKfOhB4SvwJ0OwjdawSf_b1YmcdEcCViAPizBMQK0maXk5lpBJqs6Mj3aP
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A736
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEON9AbAr7sx0_RTeE4kJlWA&google_cver=1&google_push=AehlK4CBd1dmMWTJJHHY5zyvukJ5v5dCbNoP6Kaor7PP3K3JxyuOOE4MihjsIkyOwLcBc_8yhTavXvZeyPQz8tTg...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=b19e91ed&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4CBd1dmMWTJJHHY5zyvukJ5v5dCbNoP6Kaor7PP3K3J...

170 B
188 B

97ms
97ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=b19e91ed&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4CBd1dmMWTJJHHY5zyvukJ5v5dCbNoP6Kaor7PP3K3JxyuOOE4MihjsIkyOwLcBc_8yhTavXvZeyPQz8tTg_agQDOjoHC-7

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 19 Aug 2022 07:58:23 GMT
via: 1.1 24a05fe48affcc31b4ca2a9e89ee8622.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: NRT12-C5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=b19e91ed&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AehlK4CBd1dmMWTJJHHY5zyvukJ5v5dCbNoP6Kaor7PP3K3JxyuOOE4MihjsIkyOwLcBc_8yhTavXvZeyPQz8tTg_agQDOjoHC-7
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: TmSzhNjnD77SpcUaUlzBlzQjsEsM0Kt8syv0EPRZAW0wM8H0gGERag==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A736
Redirect Chain

https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEJC2irfpa6rOFx1z60rIBI0&google_cver=1&google_push=AehlK4B33ahKXy5ti6qA84jmUAd8JQ8bS-sOxtm_6FznAfvqYImrpQOlopHkZT1nvYHU9ngb7IOFtqGIsuOz6iVhAvCY...
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AehlK4B33ahKXy5ti6qA84jmUAd8JQ8bS-sOxtm_6FznAfvqYImrpQOlopHkZT1nvYHU9ngb7IOFtqGIsuOz6iVhAvCYzpC6LWTJ

170 B
188 B

100ms
100ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AehlK4B33ahKXy5ti6qA84jmUAd8JQ8bS-sOxtm_6FznAfvqYImrpQOlopHkZT1nvYHU9ngb7IOFtqGIsuOz6iVhAvCYzpC6LWTJ

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AehlK4B33ahKXy5ti6qA84jmUAd8JQ8bS-sOxtm_6FznAfvqYImrpQOlopHkZT1nvYHU9ngb7IOFtqGIsuOz6iVhAvCYzpC6LWTJ
date: Fri, 19 Aug 2022 07:58:23 GMT
server: nginx

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A736
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMjFL_XE_zm_D2tC7XroDeo&google_cver=1&google_push=AehlK4DcC3biyQG25xnepfuvVyO8m83yu0gg0ZlhwnrmawpVLiVU136aKdWj6M2xYpLPvQYqzBLrrBJM6Oa6...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DcC3biyQG25xnepfuvVyO8m83yu0gg0ZlhwnrmawpVLiVU136aKdWj6M2xYpLPvQYqzBLrrBJM6Oa6fSLzLJgH6zIFvXkX

170 B
188 B

40ms
40ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DcC3biyQG25xnepfuvVyO8m83yu0gg0ZlhwnrmawpVLiVU136aKdWj6M2xYpLPvQYqzBLrrBJM6Oa6fSLzLJgH6zIFvXkX

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DcC3biyQG25xnepfuvVyO8m83yu0gg0ZlhwnrmawpVLiVU136aKdWj6M2xYpLPvQYqzBLrrBJM6Oa6fSLzLJgH6zIFvXkX
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A736
Redirect Chain

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESELr7t7w5ifJC-gtBPa2rcBM&google_cver=1&google_push=AehlK4CBMN_cjA1dekWP8AGEXo8cSTgoIlX-syUF8Xn47RkRQpoy9KhPk3-jmnpj...
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESELr7t7w5ifJC-gtBPa2rcBM&google_cver=1&google_push=AehlK4CBMN_cjA1dekWP8AGEXo8cSTgoIlX-syUF8Xn47RkRQpoy9KhPk3-jmnpj...
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4CBMN_cjA1dekWP8AGEXo8cSTgoIlX-syUF8Xn47RkRQpoy9KhPk3-jmnpjNm_-FT4AGV-YUfnFFb-KnKxNnU8P_MD92CMwGg&google_hm=NnFURDBVdldGe...

170 B
188 B

98ms
93ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4CBMN_cjA1dekWP8AGEXo8cSTgoIlX-syUF8Xn47RkRQpoy9KhPk3-jmnpjNm_-FT4AGV-YUfnFFb-KnKxNnU8P_MD92CMwGg&google_hm=NnFURDBVdldGejY=&suid-set=1

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 19 Aug 2022 07:58:23 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4CBMN_cjA1dekWP8AGEXo8cSTgoIlX-syUF8Xn47RkRQpoy9KhPk3-jmnpjNm_-FT4AGV-YUfnFFb-KnKxNnU8P_MD92CMwGg&google_hm=NnFURDBVdldGejY=&suid-set=1
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A736 0
12 B 86ms
85ms Image
text/html 172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jf7xfIAgZO8rXMwAiNQBR3dZq6cg79rbxieErd7Pq7hd5_SDVp6kUfXdkp1nXMjaqJ4AVuAw

Requested by

Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-13-249-167-11.nrt12.r.cloudfront.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 29BB 43 B
215 B 172ms
172ms Image
image/gif 2600:1f18:1aca:4282:926:ca47:6d94:f346
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1109672&asId=7cc3d24f-1ed1-6da4-9b95-3e0a9f1ad477&tv=%7Bc:lINk7A,time:1057,type:e,im:%7Bpci:%7Btdr:1006%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:16,o:1041,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1036~0%5D,as:%5B1036~160.600%5D%7D%7D,%7Bsl:i,t:1041,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B16~100%5D,as:%5B16~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:177,fm:teWpWCF+11%7C12%7C131%7C132%7C141%7C151%7C152%7C161%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g*.1109672-64802888%7C1g1%7C1h.1109672-64802888%7C1h1%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n,idMap:1g*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:926:ca47:6d94:f346 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CF93 43 B
215 B 172ms
172ms Image
image/gif 2600:1f18:1aca:4282:926:ca47:6d94:f346
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1109672&asId=c402dd72-af98-7f3f-5b08-c6cca16a015d&tv=%7Bc:lINk91,time:1063,type:e,im:%7Bpci:%7Btdr:1009%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1063,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1057~0%5D,as:%5B1057~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:668,fm:teWpWCF+11%7C12%7C131%7C132%7C141%7C151%7C152%7C161%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g.1109672-64802888%7C1g1%7C1g2%7C1g3%7C1h*.1109672-64802888%7C1h1%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:926:ca47:6d94:f346 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:23 GMT
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mti/20743/ Frame 70B0 15 KB
15 KB 127ms
126ms Document
text/html 35.166.70.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mti/20743/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__icGHzSloME8NZ1QqlTIwRoPnWSbERH3Wb7BYkdwo-L-V_lfQhy3D-HN5abr-ivStFUdgwgfdqot4gy6UX6ZlYM7k2ocivz-PCYvsDIqhhwwilzalPT4DtpvehC12MFsk9F8JhKRg0pYCXZAZ1ryz1VZ9VPRf3jZJq4M8yBxhP2cqyal6uBBiJrVACB2kfiMqdoqh30cOf60HSHlaTD4cvYOPggEAToBCihkIjMG-EGBFfLoNbaIReG-bqdCTHXjysdrYPMAAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsu5zT66FE19UeJFQHBbd49GuKxgEypyUY2yoIZ0GxhXM3Su5baFVbgOGAEevrVwxsT0gjug8QYge3lJlOSDhmRUDTMPTuFbLahufNEIuALswB3cx5byvbDKYzFn3-FzUhm_nIYm88ur-F6Ehbv5WdAKUoqdUY6TnjWlOJ6CL4KkZynO99IjS8XodHriPzFaopZijo5pw_dbYxA2yQCAkboZzueQ9-Yzyhyo6kZSmTU6956fLfJU_9TIf6-1L1uBR9_L9Bwlr2iiv2uwjTz7jfU8K_floHUPwpDcRDVPIjlBAT_uO5V3JzNpTQoszJ9YPN689nn9Q6UYs6yFSMSxYQQCz0tcoCMqV5fa_WcOujIHowF0bX8MLe2yfec9K9S7w4hFJOdBKtfyEuow4BxJ_oJ-NcQZ4ic2A-JqY7ZCkNE1eOHXwni92YMXnsZ4VGf9nBEFJtcFpyX4C-Qv_dIht9pOcXur1kV-2zEzRkiYCSoshE15KgA0h2nDeexY08GHLg4pHI01xqjh0crmiKCTO5sQa8CMV3Pm0BXl-NvyHOUjK5d44Nkktj43fBJU3hYkYiJkgHgPL3qSAiXaHI8KGdG_NaXohfcHtD43-gQhNoV_9OKQmJjHcv71U8DhOZpyywZR7iyVtsQSdkliQDgnYdVCJ0YRY3bwfbcR2Heqqpbthi98zKDd87gUavuWM-9uqsIbM_8naVGATe-JDim0fdvVFzMuNYxuF03ICcVF4mEEfn6OsZIQVH2t1Gtjf0rCVWYp4xtimDgja9GyL4rYq0VxhY966ceXzz2zk-pR9nPWpVNNbGnWMDwj1ZoRV0UdQ3yNP-fvXUnvhJRDsqqDV9jTpmPKfR9iIQk7SoqBtleiOaQzHiaP9AnScnph2LALliimZ51e6AKAwo-AWRx5rJulSzGtfm-zezxFsGgT24_6TXyxBEJ6GbqSHKed6cTddUhHC6kUWUaOoGHOpIuOoGo5GtPJ-0vUCQhNYk2DcYnp-W0W-r7iwqmS1d0Ul_ojoTH0Mx6DRyDp-RO2xQB4BncKCVWXdac2x_BPQ-lem-TFAGMoxLwK3RtAPLfa0-WsRw-XtAebp8r3zfxQCCM2yaPcL6DoSI4zarllNGmSZJI64Ly7bWNlZxkqr7IJfn6HEsXvZADlyY__Ph_YQpTxxl3-q6D6-knRf0GszqUd-3H5Yb85Hec2ouGNq0-4BdNDuoN4pa8%2526sai%253DAMfl-YRa7sTSlDqWs_LlUnixEon-R2_64Dvs2OGcdHAqU6XEC3g3UqChZqRL2QxbBZdbs7xGm8bOYhzVqsHkv_eDBhtxJl4EbBU1ozuhnggtFn29HY_K7MxCONxXxbcIhm2N4jwx9XEQGNGnfdPzzKAg9-TwCHTnoaTASv8HWRHIGDgvDtMUCNy3edQKIQwh_i4Ig972YNkLypvN8kY6Woq1Pi-swfoCyEkOzGA%2526sig%253DCg0ArKJSzLkrr4nYZ-puEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=28195199&PLCMT_ID=341376302&AD_ID=534000586&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=341376302&cachebuster=1660895872&TC_1=cmm9q5m2ohy&TC_2=28195199&TC_3=341376302&TC_4=175149797&TC_5=dcmadvertiserid|8404942$dcmcampaignid|28195199$dcmadid|534000586$dcmrenderingid|175540445$dcmsiteid|6958819$dcmplacementid|341376302$customer|Microsoft$dv360auctionid|&nr=0.22142710801040044&edge=y&html5=y&loc=https%3A%2F%2Fd2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com%2F
Requested by: Host: ads.everesttech.net
URL: https://ads.everesttech.net/ads/mti/20743/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__icGHzSloME8NZ1QqlTIwRoPnWSbERH3Wb7BYkdwo-L-V_lfQhy3D-HN5abr-ivStFUdgwgfdqot4gy6UX6ZlYM7k2ocivz-PCYvsDIqhhwwilzalPT4DtpvehC12MFsk9F8JhKRg0pYCXZAZ1ryz1VZ9VPRf3jZJq4M8yBxhP2cqyal6uBBiJrVACB2kfiMqdoqh30cOf60HSHlaTD4cvYOPggEAToBCihkIjMG-EGBFfLoNbaIReG-bqdCTHXjysdrYPMAAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsu5zT66FE19UeJFQHBbd49GuKxgEypyUY2yoIZ0GxhXM3Su5baFVbgOGAEevrVwxsT0gjug8QYge3lJlOSDhmRUDTMPTuFbLahufNEIuALswB3cx5byvbDKYzFn3-FzUhm_nIYm88ur-F6Ehbv5WdAKUoqdUY6TnjWlOJ6CL4KkZynO99IjS8XodHriPzFaopZijo5pw_dbYxA2yQCAkboZzueQ9-Yzyhyo6kZSmTU6956fLfJU_9TIf6-1L1uBR9_L9Bwlr2iiv2uwjTz7jfU8K_floHUPwpDcRDVPIjlBAT_uO5V3JzNpTQoszJ9YPN689nn9Q6UYs6yFSMSxYQQCz0tcoCMqV5fa_WcOujIHowF0bX8MLe2yfec9K9S7w4hFJOdBKtfyEuow4BxJ_oJ-NcQZ4ic2A-JqY7ZCkNE1eOHXwni92YMXnsZ4VGf9nBEFJtcFpyX4C-Qv_dIht9pOcXur1kV-2zEzRkiYCSoshE15KgA0h2nDeexY08GHLg4pHI01xqjh0crmiKCTO5sQa8CMV3Pm0BXl-NvyHOUjK5d44Nkktj43fBJU3hYkYiJkgHgPL3qSAiXaHI8KGdG_NaXohfcHtD43-gQhNoV_9OKQmJjHcv71U8DhOZpyywZR7iyVtsQSdkliQDgnYdVCJ0YRY3bwfbcR2Heqqpbthi98zKDd87gUavuWM-9uqsIbM_8naVGATe-JDim0fdvVFzMuNYxuF03ICcVF4mEEfn6OsZIQVH2t1Gtjf0rCVWYp4xtimDgja9GyL4rYq0VxhY966ceXzz2zk-pR9nPWpVNNbGnWMDwj1ZoRV0UdQ3yNP-fvXUnvhJRDsqqDV9jTpmPKfR9iIQk7SoqBtleiOaQzHiaP9AnScnph2LALliimZ51e6AKAwo-AWRx5rJulSzGtfm-zezxFsGgT24_6TXyxBEJ6GbqSHKed6cTddUhHC6kUWUaOoGHOpIuOoGo5GtPJ-0vUCQhNYk2DcYnp-W0W-r7iwqmS1d0Ul_ojoTH0Mx6DRyDp-RO2xQB4BncKCVWXdac2x_BPQ-lem-TFAGMoxLwK3RtAPLfa0-WsRw-XtAebp8r3zfxQCCM2yaPcL6DoSI4zarllNGmSZJI64Ly7bWNlZxkqr7IJfn6HEsXvZADlyY__Ph_YQpTxxl3-q6D6-knRf0GszqUd-3H5Yb85Hec2ouGNq0-4BdNDuoN4pa8%2526sai%253DAMfl-YRa7sTSlDqWs_LlUnixEon-R2_64Dvs2OGcdHAqU6XEC3g3UqChZqRL2QxbBZdbs7xGm8bOYhzVqsHkv_eDBhtxJl4EbBU1ozuhnggtFn29HY_K7MxCONxXxbcIhm2N4jwx9XEQGNGnfdPzzKAg9-TwCHTnoaTASv8HWRHIGDgvDtMUCNy3edQKIQwh_i4Ig972YNkLypvN8kY6Woq1Pi-swfoCyEkOzGA%2526sig%253DCg0ArKJSzLkrr4nYZ-puEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=28195199&PLCMT_ID=341376302&AD_ID=534000586&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=341376302&cachebuster=1660895872&TC_1=cmm9q5m2ohy&TC_2=28195199&TC_3=341376302&TC_4=175149797&TC_5=dcmadvertiserid|8404942$dcmcampaignid|28195199$dcmadid|534000586$dcmrenderingid|175540445$dcmsiteid|6958819$dcmplacementid|341376302$customer|Microsoft$dv360auctionid|
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.70.223 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-70-223.us-west-2.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: 6a1e9c2bc200b59372388ac4efa787e309b0d41ed2afd678dc3db59621ac0b59

Request headers

Referer: https://ads.everesttech.net/ads/mti/20743/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__icGHzSloME8NZ1QqlTIwRoPnWSbERH3Wb7BYkdwo-L-V_lfQhy3D-HN5abr-ivStFUdgwgfdqot4gy6UX6ZlYM7k2ocivz-PCYvsDIqhhwwilzalPT4DtpvehC12MFsk9F8JhKRg0pYCXZAZ1ryz1VZ9VPRf3jZJq4M8yBxhP2cqyal6uBBiJrVACB2kfiMqdoqh30cOf60HSHlaTD4cvYOPggEAToBCihkIjMG-EGBFfLoNbaIReG-bqdCTHXjysdrYPMAAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsu5zT66FE19UeJFQHBbd49GuKxgEypyUY2yoIZ0GxhXM3Su5baFVbgOGAEevrVwxsT0gjug8QYge3lJlOSDhmRUDTMPTuFbLahufNEIuALswB3cx5byvbDKYzFn3-FzUhm_nIYm88ur-F6Ehbv5WdAKUoqdUY6TnjWlOJ6CL4KkZynO99IjS8XodHriPzFaopZijo5pw_dbYxA2yQCAkboZzueQ9-Yzyhyo6kZSmTU6956fLfJU_9TIf6-1L1uBR9_L9Bwlr2iiv2uwjTz7jfU8K_floHUPwpDcRDVPIjlBAT_uO5V3JzNpTQoszJ9YPN689nn9Q6UYs6yFSMSxYQQCz0tcoCMqV5fa_WcOujIHowF0bX8MLe2yfec9K9S7w4hFJOdBKtfyEuow4BxJ_oJ-NcQZ4ic2A-JqY7ZCkNE1eOHXwni92YMXnsZ4VGf9nBEFJtcFpyX4C-Qv_dIht9pOcXur1kV-2zEzRkiYCSoshE15KgA0h2nDeexY08GHLg4pHI01xqjh0crmiKCTO5sQa8CMV3Pm0BXl-NvyHOUjK5d44Nkktj43fBJU3hYkYiJkgHgPL3qSAiXaHI8KGdG_NaXohfcHtD43-gQhNoV_9OKQmJjHcv71U8DhOZpyywZR7iyVtsQSdkliQDgnYdVCJ0YRY3bwfbcR2Heqqpbthi98zKDd87gUavuWM-9uqsIbM_8naVGATe-JDim0fdvVFzMuNYxuF03ICcVF4mEEfn6OsZIQVH2t1Gtjf0rCVWYp4xtimDgja9GyL4rYq0VxhY966ceXzz2zk-pR9nPWpVNNbGnWMDwj1ZoRV0UdQ3yNP-fvXUnvhJRDsqqDV9jTpmPKfR9iIQk7SoqBtleiOaQzHiaP9AnScnph2LALliimZ51e6AKAwo-AWRx5rJulSzGtfm-zezxFsGgT24_6TXyxBEJ6GbqSHKed6cTddUhHC6kUWUaOoGHOpIuOoGo5GtPJ-0vUCQhNYk2DcYnp-W0W-r7iwqmS1d0Ul_ojoTH0Mx6DRyDp-RO2xQB4BncKCVWXdac2x_BPQ-lem-TFAGMoxLwK3RtAPLfa0-WsRw-XtAebp8r3zfxQCCM2yaPcL6DoSI4zarllNGmSZJI64Ly7bWNlZxkqr7IJfn6HEsXvZADlyY__Ph_YQpTxxl3-q6D6-knRf0GszqUd-3H5Yb85Hec2ouGNq0-4BdNDuoN4pa8%2526sai%253DAMfl-YRa7sTSlDqWs_LlUnixEon-R2_64Dvs2OGcdHAqU6XEC3g3UqChZqRL2QxbBZdbs7xGm8bOYhzVqsHkv_eDBhtxJl4EbBU1ozuhnggtFn29HY_K7MxCONxXxbcIhm2N4jwx9XEQGNGnfdPzzKAg9-TwCHTnoaTASv8HWRHIGDgvDtMUCNy3edQKIQwh_i4Ig972YNkLypvN8kY6Woq1Pi-swfoCyEkOzGA%2526sig%253DCg0ArKJSzLkrr4nYZ-puEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=28195199&PLCMT_ID=341376302&AD_ID=534000586&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=341376302&cachebuster=1660895872&TC_1=cmm9q5m2ohy&TC_2=28195199&TC_3=341376302&TC_4=175149797&TC_5=dcmadvertiserid|8404942$dcmcampaignid|28195199$dcmadid|534000586$dcmrenderingid|175540445$dcmsiteid|6958819$dcmplacementid|341376302$customer|Microsoft$dv360auctionid|
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: text/html;charset=utf-8
date: Fri, 19 Aug 2022 07:58:24 GMT
expires: Fri Aug 19 07:58:24 UTC 2022
pragma: no-cache
server: AMO-jAds/1.1

GET
H2 200 ca Show response
choices.trustarc.com/ Frame B413 7 KB
3 KB 177ms
158ms Script
text/javascript 13.249.167.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=digitas01cont8&js=pmw1&base=te-clr1-1ae37cc0-f066-4eea-8671-278adb9f5fb9

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.167.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

90ee29a45bc2c33c6b26f4eb5541eb3edc30e1a6cbd4274e055e0ad9324dcc99

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: NRT12-C3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
content-length: 2412
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 263337573333cdedec0f11e424dd369c.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: Sr4F9I4VS--hkdDhaW_-KfEXCkE-YmAesvKVdfYLdjp3YuiYFC5J3Q==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame B413 38 KB
12 KB 190ms
171ms Script
text/javascript 13.249.167.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=digitas01cont8&js=pmw2

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.167.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-167-11.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: NRT12-C3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 263337573333cdedec0f11e424dd369c.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: YeSdQiZ8Pty5iZUPgpFk_pGu21t1tt8Hb58ljO00vBm8FRTs4dQHyQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame B413 43 B
1 KB 173ms
155ms Image
image/gif 13.249.167.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=b0ec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.167.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-167-11.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:24 GMT
via: 1.1 263337573333cdedec0f11e424dd369c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: NRT12-C3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: 2x1dFRp044aNmMqFDnK-qvfnN1iPYs-QNB327oQRZd9LcfBn77T-bQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mti/20743/ Frame 0C28 14 KB
14 KB 133ms
132ms Document
text/html 35.166.70.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mti/20743/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__aOhazz3vVtdCrbylgtnnrONeraAFVY-ykhqlgrRMZyjPRpJljUohppBY16T1Yoq7wIrqaRMqES6on9UXuJVhShm8WHblcnypRgUBvdo2e6eSB7HIVuiKeLDNwfaJfMDH1Psu9q38ylXKu8xEIKJaC_yoLfr-1rdC-ZqdO3G9r7Iwi-ES-DavGZFMj3MppX6u61RrNUv1RsdejIaXiteXTKmuFo6ooqgEPhNcti0mqwtL0_eAadQShDKSoEHDnGOo5kH5YcAAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsuvpEVPWSCafncHCgkVqJJDAhsGGaCrF2TnVdAv_0KjaOgZ5ygn1HhzRWhGyFtxkJZKn4nssFsVP6AqhyRzKKXsx8m-0wdgkfQFUlK7aSmyC0S4beYFkt8aBFTjwfY11xJFkgXyUFgGCbC4AMgAe5cPRIlxAUipA-vDY9XoEtaeoHGDJJaJMQw12EMsm791caXc6BNPhaQAt4MEuDrWqY5drrMD6EmwoGUQ3xMYju5W2XXUHCYXyMPHHOvg-yrYzhrTrFh-EPSmsUA1fUtD3NmsF6Vb4-9eS-R7XP0RgoVZL0XV3aSwdXAS8M5q4ZTLFlupVkF97PxSdcpaiqgoy_9MmcmfSa2rxD0-xRVZrhiykRw6y_fhTNJuXpltN6J6iR6dF0lNzGag6prkbg4fZdB01Pdkxhh9GK8tW8nzI0etczC6w49RH4gLG9k-qirHev6HzGl1GyfizEowJVtimJWu7Ys8_q0TSW3eOilSKM-4sJA20UX3J3c0b-RLV8dyWGeU2oMCauxNQBS-YrsPlMfBy2_PCGQrjGu__KvQcgatpyReVlqXOSl3Y3uySpb6mWQNSaMP-qI-PFCGJuvlyFnY2PoN1KK7gc_lHyNi3Z7PkMkElOouPuBOC92MfZxRxaOOW-pI0PkZAoRX2qu1s59ykeH4jsCFHMXImtNfmPNyOT17ZTtHaNqkSKv5X5bqY1szjF6sXN0aaEroPJyKQiNozMnwIcTEjtsbNhyhG6arI9sI0uPGDneJ_ol481UzCHnY37eCXPvRjHsp40mEfqhEq14uPQ8taf5cDAp5MjiURjZomoHt_boEvt0vIMbA_AhyFgbHEwy0r1XwPrbWvuGqz5EYP1kPl6ofvn4dXrKKId-E3R8aPnuNsFGx4_rakEdo7kK0T1eUfAAvWeondklu7gTaCiO574tEzMq2PgguCjraz4a5tqi9rAkWbOKVj5Kwe2NxHR0INmzJX5Uxb6kn1E_z_2iHd8_c6xjlh7oybYz0Dpx-vLKc3sBIVYV_wwLWowUp7LhDHt-nPAxG_gkrfskk0n22Ndg6eoFbKcprtTo54bIIP6EWPfqy-fRsYQD2mcvZJAzDq2l59h2WHPstqS3Olk1Xyfut1cGuDlXfTG21ZQ8KheWVhrsKu7a27VOrnAl9_xRPk4uwr0IuYL3afNoxCpJNX7vaqd5YSFbLG5aOMVMOO2vLmuKGl0X2fNZzdLXqTsEO%2526sai%253DAMfl-YRfesTWX_bR-y98Ru-t31V5KCi8M2XXhuRWOUqlqwRLisMbp59kOJOBO2bK_BE-n5zheT9AS9NtFhcPIOWEz7I_SQUawQvcYIz3y8FqhvF-zor2EPS8RRmBHPFPyJQexYnJx7r24WKH3oJW-fctCNHD7xNvYJD6Mw6u6T7fuPNM9W-Nit-OCmAKF8SfwiSJsU5JailJm_c_dqEu9MSWHjwvn_wov0wGD7k%2526sig%253DCg0ArKJSzPekn0F5kSKTEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=28195199&PLCMT_ID=341376302&AD_ID=534000586&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=341376302&cachebuster=1660895872&TC_1=cmm9q5m2ohy&TC_2=28195199&TC_3=341376302&TC_4=175149797&TC_5=dcmadvertiserid|8404942$dcmcampaignid|28195199$dcmadid|534000586$dcmrenderingid|175540445$dcmsiteid|6958819$dcmplacementid|341376302$customer|Microsoft$dv360auctionid|&nr=0.005261786617116515&edge=y&html5=y&loc=https%3A%2F%2Fd2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com%2F
Requested by: Host: ads.everesttech.net
URL: https://ads.everesttech.net/ads/mti/20743/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__aOhazz3vVtdCrbylgtnnrONeraAFVY-ykhqlgrRMZyjPRpJljUohppBY16T1Yoq7wIrqaRMqES6on9UXuJVhShm8WHblcnypRgUBvdo2e6eSB7HIVuiKeLDNwfaJfMDH1Psu9q38ylXKu8xEIKJaC_yoLfr-1rdC-ZqdO3G9r7Iwi-ES-DavGZFMj3MppX6u61RrNUv1RsdejIaXiteXTKmuFo6ooqgEPhNcti0mqwtL0_eAadQShDKSoEHDnGOo5kH5YcAAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsuvpEVPWSCafncHCgkVqJJDAhsGGaCrF2TnVdAv_0KjaOgZ5ygn1HhzRWhGyFtxkJZKn4nssFsVP6AqhyRzKKXsx8m-0wdgkfQFUlK7aSmyC0S4beYFkt8aBFTjwfY11xJFkgXyUFgGCbC4AMgAe5cPRIlxAUipA-vDY9XoEtaeoHGDJJaJMQw12EMsm791caXc6BNPhaQAt4MEuDrWqY5drrMD6EmwoGUQ3xMYju5W2XXUHCYXyMPHHOvg-yrYzhrTrFh-EPSmsUA1fUtD3NmsF6Vb4-9eS-R7XP0RgoVZL0XV3aSwdXAS8M5q4ZTLFlupVkF97PxSdcpaiqgoy_9MmcmfSa2rxD0-xRVZrhiykRw6y_fhTNJuXpltN6J6iR6dF0lNzGag6prkbg4fZdB01Pdkxhh9GK8tW8nzI0etczC6w49RH4gLG9k-qirHev6HzGl1GyfizEowJVtimJWu7Ys8_q0TSW3eOilSKM-4sJA20UX3J3c0b-RLV8dyWGeU2oMCauxNQBS-YrsPlMfBy2_PCGQrjGu__KvQcgatpyReVlqXOSl3Y3uySpb6mWQNSaMP-qI-PFCGJuvlyFnY2PoN1KK7gc_lHyNi3Z7PkMkElOouPuBOC92MfZxRxaOOW-pI0PkZAoRX2qu1s59ykeH4jsCFHMXImtNfmPNyOT17ZTtHaNqkSKv5X5bqY1szjF6sXN0aaEroPJyKQiNozMnwIcTEjtsbNhyhG6arI9sI0uPGDneJ_ol481UzCHnY37eCXPvRjHsp40mEfqhEq14uPQ8taf5cDAp5MjiURjZomoHt_boEvt0vIMbA_AhyFgbHEwy0r1XwPrbWvuGqz5EYP1kPl6ofvn4dXrKKId-E3R8aPnuNsFGx4_rakEdo7kK0T1eUfAAvWeondklu7gTaCiO574tEzMq2PgguCjraz4a5tqi9rAkWbOKVj5Kwe2NxHR0INmzJX5Uxb6kn1E_z_2iHd8_c6xjlh7oybYz0Dpx-vLKc3sBIVYV_wwLWowUp7LhDHt-nPAxG_gkrfskk0n22Ndg6eoFbKcprtTo54bIIP6EWPfqy-fRsYQD2mcvZJAzDq2l59h2WHPstqS3Olk1Xyfut1cGuDlXfTG21ZQ8KheWVhrsKu7a27VOrnAl9_xRPk4uwr0IuYL3afNoxCpJNX7vaqd5YSFbLG5aOMVMOO2vLmuKGl0X2fNZzdLXqTsEO%2526sai%253DAMfl-YRfesTWX_bR-y98Ru-t31V5KCi8M2XXhuRWOUqlqwRLisMbp59kOJOBO2bK_BE-n5zheT9AS9NtFhcPIOWEz7I_SQUawQvcYIz3y8FqhvF-zor2EPS8RRmBHPFPyJQexYnJx7r24WKH3oJW-fctCNHD7xNvYJD6Mw6u6T7fuPNM9W-Nit-OCmAKF8SfwiSJsU5JailJm_c_dqEu9MSWHjwvn_wov0wGD7k%2526sig%253DCg0ArKJSzPekn0F5kSKTEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=28195199&PLCMT_ID=341376302&AD_ID=534000586&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=341376302&cachebuster=1660895872&TC_1=cmm9q5m2ohy&TC_2=28195199&TC_3=341376302&TC_4=175149797&TC_5=dcmadvertiserid|8404942$dcmcampaignid|28195199$dcmadid|534000586$dcmrenderingid|175540445$dcmsiteid|6958819$dcmplacementid|341376302$customer|Microsoft$dv360auctionid|
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.70.223 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-70-223.us-west-2.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: 02ae8aa99d1306b7383d9159b449fdaae42b7fbdf891293e06251d1b74932737

Request headers

Referer: https://ads.everesttech.net/ads/mti/20743/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__aOhazz3vVtdCrbylgtnnrONeraAFVY-ykhqlgrRMZyjPRpJljUohppBY16T1Yoq7wIrqaRMqES6on9UXuJVhShm8WHblcnypRgUBvdo2e6eSB7HIVuiKeLDNwfaJfMDH1Psu9q38ylXKu8xEIKJaC_yoLfr-1rdC-ZqdO3G9r7Iwi-ES-DavGZFMj3MppX6u61RrNUv1RsdejIaXiteXTKmuFo6ooqgEPhNcti0mqwtL0_eAadQShDKSoEHDnGOo5kH5YcAAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsuvpEVPWSCafncHCgkVqJJDAhsGGaCrF2TnVdAv_0KjaOgZ5ygn1HhzRWhGyFtxkJZKn4nssFsVP6AqhyRzKKXsx8m-0wdgkfQFUlK7aSmyC0S4beYFkt8aBFTjwfY11xJFkgXyUFgGCbC4AMgAe5cPRIlxAUipA-vDY9XoEtaeoHGDJJaJMQw12EMsm791caXc6BNPhaQAt4MEuDrWqY5drrMD6EmwoGUQ3xMYju5W2XXUHCYXyMPHHOvg-yrYzhrTrFh-EPSmsUA1fUtD3NmsF6Vb4-9eS-R7XP0RgoVZL0XV3aSwdXAS8M5q4ZTLFlupVkF97PxSdcpaiqgoy_9MmcmfSa2rxD0-xRVZrhiykRw6y_fhTNJuXpltN6J6iR6dF0lNzGag6prkbg4fZdB01Pdkxhh9GK8tW8nzI0etczC6w49RH4gLG9k-qirHev6HzGl1GyfizEowJVtimJWu7Ys8_q0TSW3eOilSKM-4sJA20UX3J3c0b-RLV8dyWGeU2oMCauxNQBS-YrsPlMfBy2_PCGQrjGu__KvQcgatpyReVlqXOSl3Y3uySpb6mWQNSaMP-qI-PFCGJuvlyFnY2PoN1KK7gc_lHyNi3Z7PkMkElOouPuBOC92MfZxRxaOOW-pI0PkZAoRX2qu1s59ykeH4jsCFHMXImtNfmPNyOT17ZTtHaNqkSKv5X5bqY1szjF6sXN0aaEroPJyKQiNozMnwIcTEjtsbNhyhG6arI9sI0uPGDneJ_ol481UzCHnY37eCXPvRjHsp40mEfqhEq14uPQ8taf5cDAp5MjiURjZomoHt_boEvt0vIMbA_AhyFgbHEwy0r1XwPrbWvuGqz5EYP1kPl6ofvn4dXrKKId-E3R8aPnuNsFGx4_rakEdo7kK0T1eUfAAvWeondklu7gTaCiO574tEzMq2PgguCjraz4a5tqi9rAkWbOKVj5Kwe2NxHR0INmzJX5Uxb6kn1E_z_2iHd8_c6xjlh7oybYz0Dpx-vLKc3sBIVYV_wwLWowUp7LhDHt-nPAxG_gkrfskk0n22Ndg6eoFbKcprtTo54bIIP6EWPfqy-fRsYQD2mcvZJAzDq2l59h2WHPstqS3Olk1Xyfut1cGuDlXfTG21ZQ8KheWVhrsKu7a27VOrnAl9_xRPk4uwr0IuYL3afNoxCpJNX7vaqd5YSFbLG5aOMVMOO2vLmuKGl0X2fNZzdLXqTsEO%2526sai%253DAMfl-YRfesTWX_bR-y98Ru-t31V5KCi8M2XXhuRWOUqlqwRLisMbp59kOJOBO2bK_BE-n5zheT9AS9NtFhcPIOWEz7I_SQUawQvcYIz3y8FqhvF-zor2EPS8RRmBHPFPyJQexYnJx7r24WKH3oJW-fctCNHD7xNvYJD6Mw6u6T7fuPNM9W-Nit-OCmAKF8SfwiSJsU5JailJm_c_dqEu9MSWHjwvn_wov0wGD7k%2526sig%253DCg0ArKJSzPekn0F5kSKTEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=28195199&PLCMT_ID=341376302&AD_ID=534000586&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=341376302&cachebuster=1660895872&TC_1=cmm9q5m2ohy&TC_2=28195199&TC_3=341376302&TC_4=175149797&TC_5=dcmadvertiserid|8404942$dcmcampaignid|28195199$dcmadid|534000586$dcmrenderingid|175540445$dcmsiteid|6958819$dcmplacementid|341376302$customer|Microsoft$dv360auctionid|
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: text/html;charset=utf-8
date: Fri, 19 Aug 2022 07:58:24 GMT
expires: Fri Aug 19 07:58:24 UTC 2022
pragma: no-cache
server: AMO-jAds/1.1

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CF93 43 B
215 B 173ms
172ms Image
image/gif 2600:1f18:1aca:4282:926:ca47:6d94:f346
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1109672&asId=c402dd72-af98-7f3f-5b08-c6cca16a015d&tv=%7Bc:lINkeG,pingTime:-10,time:1414,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNC4wLjUxMTIuMTAxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1660895903482%7C%7Ca4585493d85209b54c1df88cc54da486%7C%7C5804921a8d3c64b26a083c50aad655e9%7C%7Ca701a5c2a0167d54555b758e3277c99b%7C%7C5de31f4b911eabcdcbe2c05ff796dd71%7C%7C11f4871c6af3e9399c76d55127090c03%7C%7C8e19af9d6e3992566f509f675d52c201%7C%7Ce2306dee48dc75b59cd2d89f12cc7e1a%7C%7C1629390669,sca:%7Bspg:7cc3d24f-1ed1-6da4-9b95-3e0a9f1ad477%7D%7D
Requested by: Host: d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com
URL: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:926:ca47:6d94:f346 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:24 GMT
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK html5-ad-script_v4.html Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame ED81 16 KB
4 KB 19ms
3ms Document
text/html 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=Yv9CoAAABmBjWUJl
Requested by: Host: ads.everesttech.net
URL: https://ads.everesttech.net/ads/mti/20743/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__icGHzSloME8NZ1QqlTIwRoPnWSbERH3Wb7BYkdwo-L-V_lfQhy3D-HN5abr-ivStFUdgwgfdqot4gy6UX6ZlYM7k2ocivz-PCYvsDIqhhwwilzalPT4DtpvehC12MFsk9F8JhKRg0pYCXZAZ1ryz1VZ9VPRf3jZJq4M8yBxhP2cqyal6uBBiJrVACB2kfiMqdoqh30cOf60HSHlaTD4cvYOPggEAToBCihkIjMG-EGBFfLoNbaIReG-bqdCTHXjysdrYPMAAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsu5zT66FE19UeJFQHBbd49GuKxgEypyUY2yoIZ0GxhXM3Su5baFVbgOGAEevrVwxsT0gjug8QYge3lJlOSDhmRUDTMPTuFbLahufNEIuALswB3cx5byvbDKYzFn3-FzUhm_nIYm88ur-F6Ehbv5WdAKUoqdUY6TnjWlOJ6CL4KkZynO99IjS8XodHriPzFaopZijo5pw_dbYxA2yQCAkboZzueQ9-Yzyhyo6kZSmTU6956fLfJU_9TIf6-1L1uBR9_L9Bwlr2iiv2uwjTz7jfU8K_floHUPwpDcRDVPIjlBAT_uO5V3JzNpTQoszJ9YPN689nn9Q6UYs6yFSMSxYQQCz0tcoCMqV5fa_WcOujIHowF0bX8MLe2yfec9K9S7w4hFJOdBKtfyEuow4BxJ_oJ-NcQZ4ic2A-JqY7ZCkNE1eOHXwni92YMXnsZ4VGf9nBEFJtcFpyX4C-Qv_dIht9pOcXur1kV-2zEzRkiYCSoshE15KgA0h2nDeexY08GHLg4pHI01xqjh0crmiKCTO5sQa8CMV3Pm0BXl-NvyHOUjK5d44Nkktj43fBJU3hYkYiJkgHgPL3qSAiXaHI8KGdG_NaXohfcHtD43-gQhNoV_9OKQmJjHcv71U8DhOZpyywZR7iyVtsQSdkliQDgnYdVCJ0YRY3bwfbcR2Heqqpbthi98zKDd87gUavuWM-9uqsIbM_8naVGATe-JDim0fdvVFzMuNYxuF03ICcVF4mEEfn6OsZIQVH2t1Gtjf0rCVWYp4xtimDgja9GyL4rYq0VxhY966ceXzz2zk-pR9nPWpVNNbGnWMDwj1ZoRV0UdQ3yNP-fvXUnvhJRDsqqDV9jTpmPKfR9iIQk7SoqBtleiOaQzHiaP9AnScnph2LALliimZ51e6AKAwo-AWRx5rJulSzGtfm-zezxFsGgT24_6TXyxBEJ6GbqSHKed6cTddUhHC6kUWUaOoGHOpIuOoGo5GtPJ-0vUCQhNYk2DcYnp-W0W-r7iwqmS1d0Ul_ojoTH0Mx6DRyDp-RO2xQB4BncKCVWXdac2x_BPQ-lem-TFAGMoxLwK3RtAPLfa0-WsRw-XtAebp8r3zfxQCCM2yaPcL6DoSI4zarllNGmSZJI64Ly7bWNlZxkqr7IJfn6HEsXvZADlyY__Ph_YQpTxxl3-q6D6-knRf0GszqUd-3H5Yb85Hec2ouGNq0-4BdNDuoN4pa8%2526sai%253DAMfl-YRa7sTSlDqWs_LlUnixEon-R2_64Dvs2OGcdHAqU6XEC3g3UqChZqRL2QxbBZdbs7xGm8bOYhzVqsHkv_eDBhtxJl4EbBU1ozuhnggtFn29HY_K7MxCONxXxbcIhm2N4jwx9XEQGNGnfdPzzKAg9-TwCHTnoaTASv8HWRHIGDgvDtMUCNy3edQKIQwh_i4Ig972YNkLypvN8kY6Woq1Pi-swfoCyEkOzGA%2526sig%253DCg0ArKJSzLkrr4nYZ-puEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=28195199&PLCMT_ID=341376302&AD_ID=534000586&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=341376302&cachebuster=1660895872&TC_1=cmm9q5m2ohy&TC_2=28195199&TC_3=341376302&TC_4=175149797&TC_5=dcmadvertiserid|8404942$dcmcampaignid|28195199$dcmadid|534000586$dcmrenderingid|175540445$dcmsiteid|6958819$dcmplacementid|341376302$customer|Microsoft$dv360auctionid|&nr=0.22142710801040044&edge=y&html5=y&loc=https%3A%2F%2Fd2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf

Request headers

Referer: https://ads.everesttech.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3934
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 Aug 2022 07:58:24 GMT
ETag: "150315370-3fce-5e32201ac1000"
Expires: Fri, 19 Aug 2022 08:58:24 GMT
Last-Modified: Wed, 06 Jul 2022 12:21:20 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H/1.1 200
OK mraid.js Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame ED81 0
390 B 5ms
5ms Script
text/javascript 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/mraid.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=Yv9CoAAABmBjWUJl
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=Yv9CoAAABmBjWUJl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:24 GMT
Last-Modified: Wed, 06 Jul 2022 12:21:20 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "150315371-0-5e32201ac1000"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Server: Apache
Expires: Fri, 19 Aug 2022 08:58:24 GMT

GET
H/1.1 200
OK html5-ad-script_v4.html Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame F291 16 KB
4 KB 3ms
3ms Document
text/html 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=Yv9CoAAAAxeGMk1D
Requested by: Host: ads.everesttech.net
URL: https://ads.everesttech.net/ads/mti/20743/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__aOhazz3vVtdCrbylgtnnrONeraAFVY-ykhqlgrRMZyjPRpJljUohppBY16T1Yoq7wIrqaRMqES6on9UXuJVhShm8WHblcnypRgUBvdo2e6eSB7HIVuiKeLDNwfaJfMDH1Psu9q38ylXKu8xEIKJaC_yoLfr-1rdC-ZqdO3G9r7Iwi-ES-DavGZFMj3MppX6u61RrNUv1RsdejIaXiteXTKmuFo6ooqgEPhNcti0mqwtL0_eAadQShDKSoEHDnGOo5kH5YcAAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsuvpEVPWSCafncHCgkVqJJDAhsGGaCrF2TnVdAv_0KjaOgZ5ygn1HhzRWhGyFtxkJZKn4nssFsVP6AqhyRzKKXsx8m-0wdgkfQFUlK7aSmyC0S4beYFkt8aBFTjwfY11xJFkgXyUFgGCbC4AMgAe5cPRIlxAUipA-vDY9XoEtaeoHGDJJaJMQw12EMsm791caXc6BNPhaQAt4MEuDrWqY5drrMD6EmwoGUQ3xMYju5W2XXUHCYXyMPHHOvg-yrYzhrTrFh-EPSmsUA1fUtD3NmsF6Vb4-9eS-R7XP0RgoVZL0XV3aSwdXAS8M5q4ZTLFlupVkF97PxSdcpaiqgoy_9MmcmfSa2rxD0-xRVZrhiykRw6y_fhTNJuXpltN6J6iR6dF0lNzGag6prkbg4fZdB01Pdkxhh9GK8tW8nzI0etczC6w49RH4gLG9k-qirHev6HzGl1GyfizEowJVtimJWu7Ys8_q0TSW3eOilSKM-4sJA20UX3J3c0b-RLV8dyWGeU2oMCauxNQBS-YrsPlMfBy2_PCGQrjGu__KvQcgatpyReVlqXOSl3Y3uySpb6mWQNSaMP-qI-PFCGJuvlyFnY2PoN1KK7gc_lHyNi3Z7PkMkElOouPuBOC92MfZxRxaOOW-pI0PkZAoRX2qu1s59ykeH4jsCFHMXImtNfmPNyOT17ZTtHaNqkSKv5X5bqY1szjF6sXN0aaEroPJyKQiNozMnwIcTEjtsbNhyhG6arI9sI0uPGDneJ_ol481UzCHnY37eCXPvRjHsp40mEfqhEq14uPQ8taf5cDAp5MjiURjZomoHt_boEvt0vIMbA_AhyFgbHEwy0r1XwPrbWvuGqz5EYP1kPl6ofvn4dXrKKId-E3R8aPnuNsFGx4_rakEdo7kK0T1eUfAAvWeondklu7gTaCiO574tEzMq2PgguCjraz4a5tqi9rAkWbOKVj5Kwe2NxHR0INmzJX5Uxb6kn1E_z_2iHd8_c6xjlh7oybYz0Dpx-vLKc3sBIVYV_wwLWowUp7LhDHt-nPAxG_gkrfskk0n22Ndg6eoFbKcprtTo54bIIP6EWPfqy-fRsYQD2mcvZJAzDq2l59h2WHPstqS3Olk1Xyfut1cGuDlXfTG21ZQ8KheWVhrsKu7a27VOrnAl9_xRPk4uwr0IuYL3afNoxCpJNX7vaqd5YSFbLG5aOMVMOO2vLmuKGl0X2fNZzdLXqTsEO%2526sai%253DAMfl-YRfesTWX_bR-y98Ru-t31V5KCi8M2XXhuRWOUqlqwRLisMbp59kOJOBO2bK_BE-n5zheT9AS9NtFhcPIOWEz7I_SQUawQvcYIz3y8FqhvF-zor2EPS8RRmBHPFPyJQexYnJx7r24WKH3oJW-fctCNHD7xNvYJD6Mw6u6T7fuPNM9W-Nit-OCmAKF8SfwiSJsU5JailJm_c_dqEu9MSWHjwvn_wov0wGD7k%2526sig%253DCg0ArKJSzPekn0F5kSKTEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=28195199&PLCMT_ID=341376302&AD_ID=534000586&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=341376302&cachebuster=1660895872&TC_1=cmm9q5m2ohy&TC_2=28195199&TC_3=341376302&TC_4=175149797&TC_5=dcmadvertiserid|8404942$dcmcampaignid|28195199$dcmadid|534000586$dcmrenderingid|175540445$dcmsiteid|6958819$dcmplacementid|341376302$customer|Microsoft$dv360auctionid|&nr=0.005261786617116515&edge=y&html5=y&loc=https%3A%2F%2Fd2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf

Request headers

Referer: https://ads.everesttech.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3934
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 Aug 2022 07:58:24 GMT
ETag: "150315370-3fce-5e32201ac1000"
Expires: Fri, 19 Aug 2022 08:58:24 GMT
Last-Modified: Wed, 06 Jul 2022 12:21:20 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H/1.1 200
OK z160x600.html Show response
dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ Frame 4288 7 KB
3 KB 7ms
3ms Document
text/html 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/z160x600.html
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=Yv9CoAAABmBjWUJl
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6030514be9d5666a3e31cad530e3e6797d005f766df9cc860eedbf5cdc8a7a86

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=Yv9CoAAABmBjWUJl
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2145
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 Aug 2022 07:58:24 GMT
ETag: "103f8aea7-1ca9-5c130462564c0"
Expires: Fri, 19 Aug 2022 08:58:24 GMT
Last-Modified: Fri, 30 Apr 2021 13:06:03 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H/1.1 200
OK mraid.js Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame F291 0
390 B 4ms
3ms Script
text/javascript 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/mraid.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=Yv9CoAAAAxeGMk1D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=Yv9CoAAAAxeGMk1D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:24 GMT
Last-Modified: Wed, 06 Jul 2022 12:21:20 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "150315371-0-5e32201ac1000"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Server: Apache
Expires: Fri, 19 Aug 2022 08:58:24 GMT

GET
H/1.1 200
OK z160x600.html Show response
dco-assets.everestads.net/ics-campaign//5031/t/10537/1/ Frame 457B 6 KB
2 KB 3ms
3ms Document
text/html 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/z160x600.html
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=Yv9CoAAAAxeGMk1D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6be79a9f285be560603668c6ce6f15c0ef6c888e8b233ac07a25c6d88e8da7b2

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=Yv9CoAAAAxeGMk1D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1787
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 Aug 2022 07:58:24 GMT
ETag: "154480ceb-18b6-5e4cd871ff380"
Expires: Fri, 19 Aug 2022 08:58:24 GMT
Last-Modified: Wed, 27 Jul 2022 18:24:30 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H2 200 AMOLibrary.js Show response
ads.everesttech.net/ads/static/local/ Frame 4288 5 KB
6 KB 115ms
115ms Script
application/javascript 35.166.70.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/static/local/AMOLibrary.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/z160x600.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.70.223 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-70-223.us-west-2.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: cache
date: Fri, 19 Aug 2022 07:58:24 GMT
last-modified: Wed, 22 Dec 2021 09:29:42 GMT
server: AMO-jAds/1.1
etag: W/"5582-1640165382000"
content-type: application/javascript
cache-control: cache,store,max-age=86400
accept-ranges: bytes
content-length: 5582

GET
H2 200 AMOLibrary.js Show response
ads.everesttech.net/ads/static/local/ Frame 457B 5 KB
6 KB 116ms
115ms Script
application/javascript 35.166.70.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/static/local/AMOLibrary.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/z160x600.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.70.223 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-70-223.us-west-2.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: cache
date: Fri, 19 Aug 2022 07:58:24 GMT
last-modified: Wed, 22 Dec 2021 09:29:42 GMT
server: AMO-jAds/1.1
etag: W/"5582-1640165382000"
content-type: application/javascript
cache-control: cache,store,max-age=86400
accept-ranges: bytes
content-length: 5582

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B413 42 B
64 B 46ms
46ms Fetch
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCDDJPZcQ8g6vIjr937-WLJL8e66CQW0HT2JbriEzClTd8PQ7897wArPPyFTl2Zozh2P_MtzV-H1fJ3mKnrWb8sleyZESwZ9VJWHsvQAflMWar9upzVDxn2VCwmKW8bdAhPMk2tOX33g&sai=AMfl-YSRNDfZ0Mmrq89Q5i3pQk5Xd9IzBc-rRTk02e0OlL42P5GNwCCxj7mH2-L79JJPBColtkomr2W7Peoeemhb0EZGL1y0q-fBcJnSb_9-b75iZ8e0zOZrAHB3KU4_&sig=Cg0ArKJSzNL3oNWetDVkEAE&cid=CAASJeRo9azXVw5dYTQKQk3PyyJ70uyGNDqqRblo9WUU5mazbpcmFh0&id=lidar2&mcvt=1001&p=7011,0,7101,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2408872552&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660895900073&rpt=3001&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK M365_FY21Q4SMBCustStories_USA_160x600_BAN_ThinkUp_EN_NA_Standard_ANI_WACM_NA_1.htm Show response
dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/ Frame 0497 23 KB
8 KB 5ms
4ms Document
text/html 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/M365_FY21Q4SMBCustStories_USA_160x600_BAN_ThinkUp_EN_NA_Standard_ANI_WACM_NA_1.htm
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/z160x600.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 738b3accc53204b27ec05bbf90aa584cd756f4de95c033f3795d81ce20017de7

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/z160x600.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 7231
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 Aug 2022 07:58:24 GMT
ETag: "103f8aeb5-5d5e-5c130462564c0"
Expires: Fri, 19 Aug 2022 08:58:24 GMT
Last-Modified: Fri, 30 Apr 2021 13:06:03 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H/1.1 200
OK M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm Show response
dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/ Frame C4E4 5 KB
2 KB 4ms
3ms Document
text/html 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/z160x600.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c53fdb18744fc709aba272f955b620f92214c28951e25abb1990d549c3a4c89f

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/z160x600.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1716
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 Aug 2022 07:58:24 GMT
ETag: "154179c11-131e-5e4cd871ff380"
Expires: Fri, 19 Aug 2022 08:58:24 GMT
Last-Modified: Wed, 27 Jul 2022 18:24:30 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H/1.1 200
OK iphone-inline-video.min.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/ Frame 0497 4 KB
4 KB 4ms
3ms Script
text/javascript 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/iphone-inline-video.min.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/M365_FY21Q4SMBCustStories_USA_160x600_BAN_ThinkUp_EN_NA_Standard_ANI_WACM_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e66d37d5a331f7b71d22a6fc78829fb49f7b8ce5c6cff769931e5e4e13917108

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/M365_FY21Q4SMBCustStories_USA_160x600_BAN_ThinkUp_EN_NA_Standard_ANI_WACM_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:24 GMT
Last-Modified: Fri, 30 Apr 2021 13:06:03 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "103f8aeb6-ff6-5c130462564c0"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4086
Server: Apache
Expires: Fri, 19 Aug 2022 08:58:24 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/ Frame 0497 60 KB
22 KB 29ms
11ms Script
application/javascript 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/gsap.min.js

Requested by

Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/M365_FY21Q4SMBCustStories_USA_160x600_BAN_ThinkUp_EN_NA_Standard_ANI_WACM_NA_1.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2990901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21845
timing-allow-origin: *
last-modified: Wed, 26 Aug 2020 23:14:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f46ecc0-eeae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NCpcTwGr01asy3YK%2FU2q6Q1ryz2%2BjgrlQZnvF8PiJp%2Fpu9F1HT4DIGp%2BmIyxiL1trGGW76eQR4kBchTU9ouw%2BABDKbCl103K4PFK1ArG6FTTm3xiJyNDOlGnD%2BhO1GheYD4fApic8D9NiIbrD79ggLz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73d1580a5f51af7b-NRT
expires: Wed, 09 Aug 2023 07:58:24 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 0497 236 KB
63 KB 40ms
18ms Script
text/javascript 2600:140b:400::1721:2053

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/M365_FY21Q4SMBCustStories_USA_160x600_BAN_ThinkUp_EN_NA_Standard_ANI_WACM_NA_1.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:140b:400::1721:2053 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:24 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Fri, 19 Aug 2022 08:13:24 GMT

GET
H/1.1 200
OK M365_FY21Q4SMBCustStories_USA_160x600_BAN_ThinkUp_EN_NA_Standard_ANI_WACM_NA_1.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/ Frame 0497 31 KB
31 KB 9ms
9ms Script
text/javascript 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/M365_FY21Q4SMBCustStories_USA_160x600_BAN_ThinkUp_EN_NA_Standard_ANI_WACM_NA_1.js?1501171107836
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/M365_FY21Q4SMBCustStories_USA_160x600_BAN_ThinkUp_EN_NA_Standard_ANI_WACM_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b980e668b2fbb803ff33b18560b1a88a8d100aebe666fad89feda6b6e71cbf25

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/M365_FY21Q4SMBCustStories_USA_160x600_BAN_ThinkUp_EN_NA_Standard_ANI_WACM_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:24 GMT
Last-Modified: Fri, 30 Apr 2021 13:06:03 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "103f8aeb9-7aa6-5c130462564c0"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31398
Server: Apache
Expires: Fri, 19 Aug 2022 08:58:24 GMT

GET
H/1.1 200
OK iphone-inline-video.min.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/js/ Frame C4E4 4 KB
4 KB 3ms
3ms Script
text/javascript 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/js/iphone-inline-video.min.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e66d37d5a331f7b71d22a6fc78829fb49f7b8ce5c6cff769931e5e4e13917108

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:24 GMT
Last-Modified: Wed, 27 Jul 2022 18:24:30 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "154480ced-ff6-5e4cd871ff380"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4086
Server: Apache
Expires: Fri, 19 Aug 2022 08:58:24 GMT

GET
H2 200 all.min.js Show response
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/js/ Frame C4E4 1 MB
350 KB 18ms
8ms Script
application/javascript 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/js/all.min.js

Requested by

Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

b8d6285de7d646abfe3ec205fce7e5366c2d28ce254ad9fdcabcf681597aca6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 750167
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 357529
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-120bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2F8e4GZ9lc%2Brjj%2Fq3gvmq3Cyy9OZVeMLr8nRpqkQsWaj6iRdJ4a1sBmJ102WZrsbAUb4M8TX%2BGFCVqLvaxaDQAy4TmstNGrhrZtjHmc%2FL4IRDTwxFxEPvVSde2cWttZ40%2FfqKulMyMr0qmw9QzDLSAq8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73d1580a5f55af7b-NRT
expires: Wed, 09 Aug 2023 07:58:24 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/ Frame C4E4 62 KB
22 KB 31ms
21ms Script
application/javascript 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/gsap.min.js

Requested by

Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 120325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22641
timing-allow-origin: *
last-modified: Wed, 29 Sep 2021 08:04:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61541e28-5871"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cq%2FMqNY22ks3Zccy%2F%2BtnDGg5wA5U9gPYt2vLelaTL%2BWin9huaD46G7BS2b3WRp6cywn6H8Y5YG9DMz%2Fs2LQkHJkLX8ZnGcPv%2FeAOHC39Sbz2meIR%2ByCn3FI0ZC8WnLnTCpFBRWaY9IB71OUPyXIi5VcP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73d1580a6f56af7b-NRT
expires: Wed, 09 Aug 2023 07:58:24 GMT

GET
H/1.1 200
OK SplitText.min.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/js/ Frame C4E4 15 KB
16 KB 7ms
3ms Script
text/javascript 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/js/SplitText.min.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 51e42f06d6a3da19b5e618e837bab6f288e4b2ee70688243274a8b6dd0d78b8d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:24 GMT
Last-Modified: Wed, 27 Jul 2022 18:24:30 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "1545202e5-3ce4-5e4cd871ff380"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15588
Server: Apache
Expires: Fri, 19 Aug 2022 08:58:24 GMT

GET
H2 200 CustomEase.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ Frame C4E4 7 KB
4 KB 21ms
11ms Script
application/javascript 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/CustomEase.min.js

Requested by

Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

dee29c115d1e5e81fd5866cfced7aa42da0b4a720ba1c5916dfccc85d3457ee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3750544
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3298
timing-allow-origin: *
last-modified: Fri, 22 Apr 2022 16:32:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6262d89e-ce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FyVazR2pczFYoCIXitAiWQob%2BYLPtdsRbRDaduqMFOHQZ8rkxNEWsgAiT%2FoXdrNZQvYtbhS0wPwZz8q5HcDoe3TM3sOy88RhkTz8v%2F9bFZc8B%2BafCD1v%2FK8MlSbsfy5HKx2vwzrDDOPYuVqqIC1fLYP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73d1580a6f57af7b-NRT
expires: Wed, 09 Aug 2023 07:58:24 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame C4E4 236 KB
63 KB 33ms
19ms Script
text/javascript 2600:140b:400::1721:2053

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:140b:400::1721:2053 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:58:24 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Fri, 19 Aug 2022 08:13:24 GMT

GET
H/1.1 200
OK M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/ Frame C4E4 7 KB
7 KB 10ms
4ms Script
text/javascript 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.js?1501171107836
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e25d1128ac6966eb98ad5d67da0da7deeb6a32234903c8e8619328070e0c5884

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:24 GMT
Last-Modified: Wed, 27 Jul 2022 18:24:30 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "154480cec-1ba2-5e4cd871ff380"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7074
Server: Apache
Expires: Fri, 19 Aug 2022 08:58:24 GMT

GET
H/1.1 200
OK main.css
dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/css/ Frame C4E4 1 KB
2 KB 4ms
2ms Stylesheet
text/css 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/css/main.css
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b9251da1de4ebcf1a210256763d6c0549409ebe3fd27dab5aa41d6da65d0430b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:24 GMT
Last-Modified: Wed, 27 Jul 2022 18:24:30 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "1545202e4-524-5e4cd871ff380"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1316
Server: Apache
Expires: Fri, 19 Aug 2022 08:58:24 GMT

GET
H/1.1 200
OK searchbar.png
dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/video/ Frame C4E4 12 KB
12 KB 4ms
4ms Image
image/png 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/video/searchbar.png
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bee23c89db1bcece116c14c514901e3e2d843e56e6d5ef3a3087a041f65d1cb4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:24 GMT
Last-Modified: Wed, 27 Jul 2022 18:24:30 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "154480cee-2e55-5e4cd871ff380"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11861
Server: Apache
Expires: Fri, 19 Aug 2022 08:58:24 GMT

GET
H/1.1 200
OK amoAd.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/ Frame C4E4 5 KB
5 KB 3ms
3ms Script
text/javascript 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/amoAd.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3153d3e0d4e9d49f21d4db674f33a69580db465d60a6aaeae6bf79f9f8523747

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:24 GMT
Last-Modified: Wed, 27 Jul 2022 18:24:30 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "1540df2b5-121a-5e4cd871ff380"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4634
Server: Apache
Expires: Fri, 19 Aug 2022 08:58:24 GMT

GET
H/1.1 200
OK init.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/js/ Frame C4E4 11 KB
11 KB 4ms
4ms Script
text/javascript 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/js/init.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: afc504f83cbfcc965e6ab2dc1d9b11234f8e4147afd8a265c87bf6450138bc1c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:24 GMT
Last-Modified: Wed, 27 Jul 2022 18:24:30 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "154329a58-2aeb-5e4cd871ff380"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10987
Server: Apache
Expires: Fri, 19 Aug 2022 08:58:24 GMT

GET
H/1.1 200
OK anim.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/ Frame C4E4 3 KB
4 KB 13ms
13ms Script
text/javascript 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/anim.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e905b27cc7e97ba7e8ccf790c64a0552f9827365c4aeb06748d9a7e95a81e1e7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:24 GMT
Last-Modified: Wed, 27 Jul 2022 18:24:30 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "1542438fa-c7b-5e4cd871ff380"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3195
Server: Apache
Expires: Fri, 19 Aug 2022 08:58:24 GMT

GET
H/1.1 200
OK SegoePro-Semibold.woff
dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/fonts/ Frame 0497 56 KB
56 KB 7ms
6ms Font
application/octet-stream 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/fonts/SegoePro-Semibold.woff
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/M365_FY21Q4SMBCustStories_USA_160x600_BAN_ThinkUp_EN_NA_Standard_ANI_WACM_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3f0adf92545715fec28b3ad44403a28c18f98ba98b126b988f29a56254ae8f8d

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/M365_FY21Q4SMBCustStories_USA_160x600_BAN_ThinkUp_EN_NA_Standard_ANI_WACM_NA_1.htm
Origin: https://dco-assets.everestads.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:24 GMT
Last-Modified: Fri, 30 Apr 2021 13:06:03 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "103f8aebb-df68-5c130462564c0"
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57192
Server: Apache
Expires: Fri, 19 Aug 2022 08:58:24 GMT

GET
H/1.1 200
OK Think_Up_160x600.mp4 Show response
dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/video/ Frame 0497 2 MB
2 MB 6ms
5ms XHR
video/mp4 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/video/Think_Up_160x600.mp4
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/M365_FY21Q4SMBCustStories_USA_160x600_BAN_ThinkUp_EN_NA_Standard_ANI_WACM_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: aca4d1416a9ce32d61f1f390f2e355749b36ce35db6f7bb2e8b82fef0050a236

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/M365_FY21Q4SMBCustStories_USA_160x600_BAN_ThinkUp_EN_NA_Standard_ANI_WACM_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:24 GMT
Last-Modified: Fri, 30 Apr 2021 13:06:03 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "103f8aeb8-1b41ab-5c130462564c0"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1786283
Server: Apache
Expires: Fri, 19 Aug 2022 08:58:24 GMT

GET
H/1.1 206
Partial Content Think_Up_160x600.mp4
dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/video/ Frame 0497 1 MB
0 40ms
38ms Media
video/mp4 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/video/Think_Up_160x600.mp4
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/M365_FY21Q4SMBCustStories_USA_160x600_BAN_ThinkUp_EN_NA_Standard_ANI_WACM_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/M365_FY21Q4SMBCustStories_USA_160x600_BAN_ThinkUp_EN_NA_Standard_ANI_WACM_NA_1.htm
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 19 Aug 2022 07:58:24 GMT
Last-Modified: Fri, 30 Apr 2021 13:06:03 GMT
X-Permitted-Cross-Domain-Policies: all
Access-Control-Allow-Origin: *
ETag: "103f8aeb8-1b41ab-5c130462564c0"
Content-Type: video/mp4
Content-Range: bytes 0-1786282/1786283
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1786283
Server: Apache
Expires: Fri, 19 Aug 2022 08:58:24 GMT

GET
BLOB 206
Partial Content 2b886c27-940b-4bbc-9c18-204902c10b5b
https://dco-assets.everestads.net/ Frame 0497 2 MB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://dco-assets.everestads.net/2b886c27-940b-4bbc-9c18-204902c10b5b
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8689/1/ThinkUp/M365_FY21Q4SMBCustStories_USA_160x600_BAN_ThinkUp_EN_NA_Standard_ANI_WACM_NA_1.htm
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aca4d1416a9ce32d61f1f390f2e355749b36ce35db6f7bb2e8b82fef0050a236

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1786282/1786283
Content-Length: 1786283
Content-Type: video/mp4

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 29BB 42 B
64 B 53ms
53ms Fetch
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4cV5HNoq7qagvKD-p7shK8eqSR8iJCEOptt5VFKmSsSJUyiO2wKzWFxT6Muu4dAuh4IcDxaHHDLndDSCUFwF6wnCKN8oPehqEGI_eqzA43XXmNOvlcWaanBSMcxjB_UU8kzzipWB5YA&sai=AMfl-YRvXiBF0yo-If_59hq74bzlacZA7HI5Tn3yF7uvMuvhxBeFZtwR_9bdml0LNPdI_F8RuBdJKfUowWbHs6OmV_f9IVd9MXUG7QJxDlVJropIV4sOq5VYa_Jo7Bo6&sig=Cg0ArKJSzI1nDG8ePDaCEAE&cid=CAASJeRogwUZzX1wrEddITRVPDaktf24qM5RfP1uIT8uS68x4qIdv0I&id=lidar2&mcvt=1035&p=0,1440,600,1600&mtos=1035,1035,1035,1035,1035&tos=1035,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3467143027&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660895900062&rpt=3471&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame CF93 42 B
64 B 51ms
51ms Fetch
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFVr5kersaMSW3AzchdohYOcTuw_fGeFpyxvljTIamIfbkcom6Jh-sireiXQhqRYSGBgRkbhprYzQLiVT3uBnHz5wQNIFJL6zMoa_sxbbbJwfIoYXPcrxAqPU7kVmsPD3dKzOK9lQmxA&sai=AMfl-YTKHOvARCPgHkKYLs6QYY6xAAx7uCm41iJfKDhPZN8NgA43dR1Pqam1_D804NAbUAfeHPSoSSJivSEBPKurQEMGezBmRzkOmDgHvpqROXnPva73OPYFVo-sfRdW&sig=Cg0ArKJSzIURGOjM14wFEAE&cid=CAASJeRo__gVZwQ1QbKOn16hrXDzzNrD8d_eYcGlixhPM9Vv2yESA8g&id=lidar2&mcvt=1037&p=0,0,600,160&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2758468839&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660895900066&rpt=3483&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 07:58:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK SegoePro-Semibold.woff
dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/fonts/ Frame C4E4 25 KB
26 KB 4ms
3ms Font
application/octet-stream 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/fonts/SegoePro-Semibold.woff
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: dd5cedf68c73545e36272585c781c66d4d723804e427be71a95c9b2610f2f8c8

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
Origin: https://dco-assets.everestads.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:24 GMT
Last-Modified: Wed, 27 Jul 2022 18:24:30 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "15384c61b-6590-5e4cd871ff380"
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26000
Server: Apache
Expires: Fri, 19 Aug 2022 08:58:24 GMT

GET
H/1.1 200
OK Creators_Refresh_160x600.mp4 Show response
dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/video/ Frame C4E4 2 MB
2 MB 8ms
7ms XHR
video/mp4 184.26.251.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/video/Creators_Refresh_160x600.mp4
Requested by: Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.251.154 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-26-251-154.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 67ef8bc6dd866fb45c0f6c0a9e1e9efcebd389fd206b3d914b7f4a9f508eb8e6

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/10537/1/CreatorsYoga/M365_FY22Q4Opt_USA_160x600_BAN_CreatorsRefresh_EN_NA_Standard_ANI_LEA_NA_1.htm
X-Requested-With: XMLHttpRequest
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 07:58:24 GMT
Last-Modified: Wed, 27 Jul 2022 18:24:30 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "1541f9a12-181f56-5e4cd871ff380"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1580886
Server: Apache
Expires: Fri, 19 Aug 2022 08:58:24 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CF93 0
26 B 43ms
43ms Ping
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1109672/64802888/xbbe/creative/adj?p=APEucNVY6F61u6bWGatYAx4Sr-wLBOcCayL3KKFEg4Rxqy3m0ZiU3zc&d=CokBAKAmf-DVVM8WTxn9gXbvVWK0dUg_xuYiERPQScy0VpvIEH2VNYPrQwDSkLeb4F-F40a26aPSJ53jsGDFZfKhrGyqeto8s7qO_KUxR4FF_fq511jNzFYNUIOZG0NCrSKZM5JiRhFyfNDESk9s15j4_x1DBIzEIzuoWFCXWXxP12dkn0EQPebwJvESiRQAoCZ_4CDPi2SHqXT6QOSNbk8vkI0IJTZVH4ys_Zpa0ilS5oG-sXilws_BXc26BKDjZ13bvLsxoxOUWuHbNtwwlNluw6Xr83N-qt-Qep92qr5rrK_6YlBWD8cIgo8CrTxLER3wOyWST1F67_PXdQZsJPnzNw39Zu2agAIvuEV0GaZsdrgg4wlWPEBg7EmU71O1OS_OVDep64taFehXq09duaLIPULzmkf1hBc-agqqT6JqKX0jJbMQrXI9YNHNUdiV7i4Mq8xhc8gpD8KsQIsWzWihOQhcE9nOGpD6sHV1JEOaCqzmdxqaA_azq48wpwYekvgABt_mB0EsPzUAxnhLWocfInYUe1sMueLHxN3gMErwZ8uTar5AMjAq4y83eJ5sNLo2mUNhgb2PCmzQhfcYgxSInp4ihefc3dZmP-dbSR0XBynvOiw6BuIfcS2ZQ0aVNBih_Fi2rt7aCaeMbugVkCBK4kPjy0sPRHndArHKduIPZKZhp-1frI6DK9a4lVBc8W6F2q7Ext-yzDbDXUyqT7l75wPsbJWIGWSFIt2_uORMSx015HR3cKyKihHLRDNtPqEJ5bwVC3BCschAjeXyrzIAjBQFo8P9ro7_yxAhCVqoQCOUfA_KJrAxSFKR9tD3t1g6LlhBBqnfHLNhyh5neCzmB81er0dhqNt3ZIjet66mw8R12yLBWGaC9TMSbo703_ECOx4skbHED1Ug103470LLnYg9Ch7LiNPsy3xXh7nm_NWgn3BSTd6jqbXMHcIQQEqYxL18JvqkLYe_SwpzyENQ5osjJwuLLxo06SdoOOIqGhu0rhlIFOtUQe1RqeUGTqta7P1z9YKyydHVeSdkgl23jufx1QGCt0wN24mQCOM7i8BDfQTfhoQJtYrIeQ2nqaaJ7l-wA34uWNGY33wv9REsZ2wtsUphmpYpb9l1HSx9--THcR3ixJ0ialRnBodJmqQAmym3Wq7MFwL5OymBIONBW1vYSTTd1HJkOiYpMZ6NngHpSqEcV5AD2H4xeDPRSmUMdti5H5lD7gi3wML9W3fsC8DCVl9ZUgyVsQzLTWJ9nboJb2VHjndLfvjKsx401PBJp3m9242rYKTHzTjPncmk2BrydqZ_SM7P0fBOBOKzQY8bp2IdIv2inK48uhlUjr525VQekIPyMMPcNleRZriN8IQ2PIQWe37pOQRZuCyAGBx30I1EgLaClYEqXlwfmtODMiQRdGpj9kPVnyEDTNvvpBtArONP7KkuShFbpCEpTA_DffoZVKyqxKrZZi1xrGZPUhTK_VDTkSrQskdUooMcsU3mGJG3F0SlFBaA8UeFBmFCObdzsOMKo_EO9OcdrV9yGVADt1CgCLcnXyKkzMj905VemyXWbgT7E5CbIBEaA8xFz4fLV2hto6jFYep_EqS2WRrw0OtfGKLSJsP5JbKmsJqvo4U8hB7H-itd0hrumYfjctBzZKN6wjv993JBLZCphPudthKaWeNxtLL1D0boe9nIX8gPeY0Hkhg8M8WWNh-BYS0gG2mhOhAZeGZQj-WB7x225CYVqARMB5njir12hOATIwQsPanAqM1MFJrFwWLon61mcn3ICUjShlD-5sXdwUFRNZdA6DXw7FrEtYOEy8vZTHwlbW-5KZfdGNhE0Gh5raZgbshUczZQddZuCYmkm7LuQhjIdWRWqGLGSXku8bcwUGXIQd1puGDN3QGETODkPH5l1tzknsFBR6EoMXYuElFZ_f2b2zgjTK8ZIxfrK2CObFTjrBXFGU2SUWccuX1QiRqMjxy4NrAYOpIQAn4GL9rU1IxFKhjRAbxYR14tBrDn8r3BlzpRL1hB5KdQrqFd2iIpX4YDK_cB-xvctn1v-SGVgDVahWjQNunhJXt0AZ7NtpP3yqdOu1Toc-XqXcowLgzCK6kYG8a0cF9oKRK2-ZCZFK_iY0ekdyxxE8lDQU5Y1_SQCNABEwYjvE42l1MS_0_nLyhCyt0FEUha0wBjMbIR7L33ogMumUbk0CHZqfi9dPwWleOFgEo_A6ICFpacdopGQl8yZn-c8cb3NIVYet5B-2NPRvpU3h4l8_fyLctY4a-My9si26cJS8veQHxk7j3fNdpO9j4pZ3bxfpJ8senqtd4xg_3ZQGsU4ov8bEeFFuOVeLi05g5uglYwxfX7xNZ9r_d-sCzhJWtd6JL6kYvyaIBHypXGaSpCBXM6nz6b975n8TgRqy3JDYxa1CYJhxBv9OkccLutdnqa21HWdPL6UlHJ5x6JgIIdT717leeVA08Bn7dVALp4dTJNuGeuppl08F7ROWoLaRMqWCBEWP8JmKczUufasB9XKJSQ0as_hnZQ_BBYCJLsaPtx0iKkmACEahL289EXazYKitwgyapfbpZ6Gv3WhV1GtUSXeX89-qRnQQKz4XWlu5UoXaOIcp4dLfFB-SEkAs-CwmN0pRItWfodIZM28kN4i-dSrCkNoV_KpsBTvjBMPQuijZ_DDkDO-cXMsB0-JLqxjb6pa_st2rKd6lW4KCDQYwY3dWTiZniPZG3rTiCy4GMyuvx98IlFxYdTQ3jFVG9h4ORGgSpBWlH9fbHoTLMdmeJ8JkEqHKdS-CpR9wYEJq460d64Jf1CQ91FzuwFtvN4WSqAXtjjUlCmTKfrcs738096aahhx5EIfJ5OlgZbqEz30vx6VJ9Lt9IBZN-6Jmtd45o5MAoqweKydaKKQE4MmCZSxmH0wpAZa9GfJLmaGPFqK00cPbI0rPvSZqqQjsYEnv4jntNcGfcnQvzmOp1vGyb6CCTmtvoibWBD8siNSt0X-ojhzTW_r40TglFA7kU8tou9OaMjkt6l94cfN5Zxel6jYczTP7mNd5u69Me801lO0RMsJMUIZANRn9AMTJGyLaDqVeWRSGI38eY5bydMEdexVc8enWQUntirmlfCWbCJUNhGcbudcpxz-uy5cwhz6K2_V3Hq9bEuylr4Qq6eltkz9699YurfcImu_P5Qd4xHhboRaKjmWBjrgVzIOO6FGC_4kxpoyPrhG1MoP2xqU9rDwBxazX9mYgi7DSc69JL_MpqDnQwyLv4N69KA-nZh1d3AA-sURlb2_B-Uf8BChURFvHB6IngY5xGTlfP_d2gpk2kueHfhHpJa4rkRPSTq8EUjSINkNtJB1Bp_xGTksmooESIzsX6vONkl-7CeqATBJLuko3YE-cXnMIQR2dEATSBnlusj5C1DQ9xFIfJ3l1PipcbOceksf908f_epNut63X3r5HurCQrCR-vMmXn0xpA5HhYaGvVf5cv4Jlu4UqMKUkiRT_ULHje1q5he9IuLgfeNRb4WSEAcrf-ZE0yLNmGkyShufIeCqFbLeM2uNzqW0ABMsODPMAhc_nTldH8drCUQ1ZepEf213mXN4wLcOlXkBBCFafKEdtT-v0y9zr_qgzvGtvx9GikIABIl5Gj_-BVnBDVBso6fXqGtcPPM2sPx395hwaWLGE8z1W_bIRIDyGAB&cry=1&ias_dspID=3&ias_campId=1008365748&ias_pubId=pub-7383171830614216&ias_chanId=1&ias_placementId=17749152915&bidurl=https://cloudo3.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gaj3TMv75giQIPqhYXvF5S&adsafe_url=https%3A%2F%2Fcloudo3.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fd2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fd2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c402dd72-af98-7f3f-5b08-c6cca16a015d,c:lINjSf,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b88cc7b76-v5ql2,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:teWpWE0+11%7C12%7C131%7C132%7C141%7C151%7C152%7C161%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f%7C1g1%7C1g2%7C1g3%7C1h*.1109672-64802888%7C1h1%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n,idMap:1h*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:24,oid:b254dbee-1f94-11ed-8ad3-a67c96319d07,v:19.8.343,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://d2749aaa186933b9c02144de126b89a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Aug 2022 07:58:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 200 node.php
node.setupad.com/node/ 0
208 B 273ms
273ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/3002
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://cloudo3.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 19 Aug 2022 07:58:24 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 29BB 0
26 B 41ms
41ms Ping
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS