lanterman.web.fc2.com Open in urlscan Pro
104.244.99.169 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://lanterman.web.fc2.com/
Submission: On August 14 via api (August 14th 2023, 7:05:56 pm UTC) from US — Scanned from DE

Summary HTTP 213 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 52 IPs in 9 countries across 39 domains to perform 213 HTTP transactions. The main IP is 104.244.99.169, located in United States and belongs to FC2-INC-2, US. The main domain is lanterman.web.fc2.com.

This is the only time lanterman.web.fc2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	104.244.99.169 104.244.99.169	63210 (FC2-INC-2) (FC2-INC-2)
17	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	192.0.72.20 192.0.72.20	2635 (AUTOMATTIC) (AUTOMATTIC)
1 2	2a02:26f0:480... 2a02:26f0:480:23::1726:62b4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	92.205.2.206 92.205.2.206	21499 (GODADDY-SXB) (GODADDY-SXB)
1	204.228.68.58 204.228.68.58	62671 (UNIVERSIT...) (UNIVERSITY-OF-COLORADO-SYSTEM)
1 2	23.227.60.200 23.227.60.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.244.99.54 104.244.99.54	63210 (FC2-INC-2) (FC2-INC-2)
1 1	94.229.72.123 94.229.72.123	42831 (UKSERVERS...) (UKSERVERS-AS UK Dedicated Servers)
1	199.59.243.224 199.59.243.224	16509 (AMAZON-02) (AMAZON-02)
3	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	104.244.99.107 104.244.99.107	63210 (FC2-INC-2) (FC2-INC-2)
4 16	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2 10	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4 27	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3	2a02:3d0:6:a0... 2a02:3d0:6:a000::3	22822 (LLNW) (LLNW)
6	104.244.99.99 104.244.99.99	63210 (FC2-INC-2) (FC2-INC-2)
1	104.244.99.67 104.244.99.67	63210 (FC2-INC-2) (FC2-INC-2)
5	199.48.209.213 199.48.209.213	63210 (FC2-INC-2) (FC2-INC-2)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
4 8	14.0.41.202 14.0.41.202	54994 (QUANTILNE...) (QUANTILNETWORKS)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
4	52.84.174.105 52.84.174.105	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:480... 2a02:26f0:480:25::1726:620a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	202.233.84.9 202.233.84.9	131957 (MICROAD M...) (MICROAD MicroAd)
1	2600:1901:0:e... 2600:1901:0:e207::	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 6	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	52.28.179.48 52.28.179.48	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 5	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
3 3	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
2 2	3.120.29.172 3.120.29.172	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:52d1:b8b3:a311:ae99	16509 (AMAZON-02) (AMAZON-02)
2	130.211.14.194 130.211.14.194	15169 (GOOGLE) (GOOGLE)
4	202.233.84.10 202.233.84.10	131957 (MICROAD M...) (MICROAD MicroAd)
2 2	52.210.224.221 52.210.224.221	16509 (AMAZON-02) (AMAZON-02)
2	18.177.216.241 18.177.216.241	16509 (AMAZON-02) (AMAZON-02)
2	54.178.43.249 54.178.43.249	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:225... 2600:9000:2251:3800:c:2040:40c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:224... 2600:9000:2248:d400:1f:2964:4340:93a1	() ()
2	54.150.85.237 54.150.85.237	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:261... 2600:9000:2611:fc00:1d:4ba6:de80:93a1	() ()
213	52

11 104.244.99.169 (United States)

ASN63210 (FC2-INC-2, US)

lanterman.web.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.20 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

localtvwqad.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:23::1726:62b4 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

s3.india.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.205.2.206 (Strasbourg, France) 1 redirects

ASN21499 (GODADDY-SXB, DE)
PTR: 206.2.205.92.host.secureserver.net

www.woodlandsnaturalhealthcentre.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.228.68.58 (Denver, United States)

ASN62671 (UNIVERSITY-OF-COLORADO-SYSTEM, US)
PTR: www.cusys.edu

www.cusys.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.227.60.200 (Canada) 1 redirects

ASN13335 (CLOUDFLARENET, US)
PTR: cdn.shopify.com

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.99.54 (United States)

ASN63210 (FC2-INC-2, US)

media.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.229.72.123 (London, United Kingdom) 1 redirects

ASN42831 (UKSERVERS-AS UK Dedicated Servers, Hosting and Co-Location, GB)
PTR: no.rdns.ukservers.com

secularcoalition.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.59.243.224 (United States)

ASN16509 (AMAZON-02, US)

ww1.secularcoalition.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.99.107 (United States)

ASN63210 (FC2-INC-2, US)

vip.chps-api.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.186.34 (Grosse Pointe, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:3d0:6:a000::3 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)

static.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.244.99.99 (United States)

ASN63210 (FC2-INC-2, US)

media5.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.99.67 (United States)

ASN63210 (FC2-INC-2, US)

textad.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.48.209.213 (United States)

ASN63210 (FC2-INC-2, US)

storage1000-textad.fc2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 14.0.41.202 (Osaka, Japan) 4 redirects

ASN54994 (QUANTILNETWORKS, CA)

j.microad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jgl.microad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.84.174.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-174-105.cdg50.r.cloudfront.net

cache.send.microadinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:25::1726:620a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 202.233.84.9 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

s-rtb.send.microadinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:678:cb4:bbbb::11 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.179.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-179-48.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.35 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:19ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.20 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.193.173 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.29.172 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-29-172.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:52d1:b8b3:a311:ae99 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.14.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.14.211.130.bc.googleusercontent.com

cdn-fluct.sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 202.233.84.10 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

ssp.send.microadinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.224.221 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-224-221.eu-west-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.177.216.241 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-216-241.ap-northeast-1.compute.amazonaws.com

sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.178.43.249 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-43-249.ap-northeast-1.compute.amazonaws.com

i.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2251:3800:c:2040:40c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

spdeliver.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
spcdnpc.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xid.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2248:d400:1f:2964:4340:93a1 (United States)

ASN- ()

ssp-bidder.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.150.85.237 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-150-85-237.ap-northeast-1.compute.amazonaws.com

ssp-bidapi-n1.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2611:fc00:1d:4ba6:de80:93a1 (None, )

ASN- ()

spsvcpc-tls.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 151	647 KB
35	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	188 KB
30	fc2.com lanterman.web.fc2.com media.fc2.com — Cisco Umbrella Rank: 548216 vip.chps-api.fc2.com static.fc2.com — Cisco Umbrella Rank: 303427 media5.fc2.com — Cisco Umbrella Rank: 910219 textad.fc2.com storage1000-textad.fc2.com	445 KB
17	i-mobile.co.jp spdeliver.i-mobile.co.jp — Cisco Umbrella Rank: 466042 ssp-bidder.i-mobile.co.jp — Cisco Umbrella Rank: 848442 ssp-bidapi-n1.i-mobile.co.jp — Cisco Umbrella Rank: 837304 spsvcpc-tls.i-mobile.co.jp spcdnpc.i-mobile.co.jp xid.i-mobile.co.jp	224 KB
13	google.com 2 redirects cse.google.com — Cisco Umbrella Rank: 3436 www.google.com — Cisco Umbrella Rank: 3 clients1.google.com — Cisco Umbrella Rank: 630	380 KB
12	microadinc.com cache.send.microadinc.com — Cisco Umbrella Rank: 188348 s-rtb.send.microadinc.com — Cisco Umbrella Rank: 147918 ssp.send.microadinc.com — Cisco Umbrella Rank: 151970	21 KB
9	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1216 www.googleadservices.com — Cisco Umbrella Rank: 150	600 B
8	microad.net 4 redirects j.microad.net — Cisco Umbrella Rank: 135145 jgl.microad.net — Cisco Umbrella Rank: 187598	120 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	89 KB
6	adingo.jp cdn-fluct.sh.adingo.jp — Cisco Umbrella Rank: 188506 sh.adingo.jp — Cisco Umbrella Rank: 73272 i.adingo.jp — Cisco Umbrella Rank: 98365	11 KB
6	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 921 r.turn.com — Cisco Umbrella Rank: 3853	3 KB
5	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 841 s.tribalfusion.com — Cisco Umbrella Rank: 1914	3 KB
5	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 27309 audiencedata.im-apps.net — Cisco Umbrella Rank: 29725	11 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	282 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 604	3 KB
4	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1053 syndication.twitter.com — Cisco Umbrella Rank: 1269	135 KB
3	ctnsnet.com 3 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 7426	1 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 363	793 B
3	criteo.com gum.criteo.com — Cisco Umbrella Rank: 425 dis.criteo.com — Cisco Umbrella Rank: 608	936 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	3 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 977	2 KB
2	agkn.com 2 redirects d.agkn.com — Cisco Umbrella Rank: 708	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1405	450 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 777	886 B
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3044	207 B
2	secularcoalition.info 1 redirects secularcoalition.info ww1.secularcoalition.info	371 B
2	shopify.com 1 redirects cdn.shopify.com — Cisco Umbrella Rank: 2221	169 KB
2	woodlandsnaturalhealthcentre.co.uk 1 redirects www.woodlandsnaturalhealthcentre.co.uk	387 B
2	india.com 1 redirects s3.india.com — Cisco Umbrella Rank: 859928	38 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1864	297 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 814	98 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 857	463 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1190	788 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 354	146 B
1	cusys.edu www.cusys.edu	8 KB
1	wordpress.com localtvwqad.files.wordpress.com
0	xosnetwork.com Failed image.cdnllnwnl.xosnetwork.com Failed
0	indiana.edu Failed mcnair.indiana.edu Failed
0	southhaventribune.net Failed www.southhaventribune.net Failed
213	39

	Domain	Requested by
27	tpc.googlesyndication.com	googleads.g.doubleclick.net lanterman.web.fc2.com
19	cm.g.doubleclick.net	4 redirects lanterman.web.fc2.com googleads.g.doubleclick.net
17	pagead2.googlesyndication.com	lanterman.web.fc2.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
16	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
11	lanterman.web.fc2.com	lanterman.web.fc2.com
10	www.google.com	2 redirects cse.google.com www.google.com lanterman.web.fc2.com googleads.g.doubleclick.net
8	www.googleadservices.com	lanterman.web.fc2.com googleads.g.doubleclick.net
6	media5.fc2.com	static.fc2.com lanterman.web.fc2.com media5.fc2.com
6	www.gstatic.com	googleads.g.doubleclick.net
5	spsvcpc-tls.i-mobile.co.jp	spdeliver.i-mobile.co.jp spsvcpc-tls.i-mobile.co.jp
5	storage1000-textad.fc2.com	lanterman.web.fc2.com
5	www.googletagservices.com	googleads.g.doubleclick.net
4	spdeliver.i-mobile.co.jp	j.microad.net spdeliver.i-mobile.co.jp
4	ssp.send.microadinc.com	media5.fc2.com
4	c1.adform.net	4 redirects
4	s-rtb.send.microadinc.com	j.microad.net
4	dmp.im-apps.net	j.microad.net
4	cache.send.microadinc.com	j.microad.net
4	jgl.microad.net	media5.fc2.com
4	j.microad.net	4 redirects
3	ius.ctnsnet.com	3 redirects
3	a.tribalfusion.com	2 redirects googleads.g.doubleclick.net
3	match.adsrvr.org	googleads.g.doubleclick.net
3	r.turn.com	lanterman.web.fc2.com googleads.g.doubleclick.net
3	ad.turn.com	3 redirects
3	static.fc2.com	vip.chps-api.fc2.com static.fc2.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	platform.twitter.com	lanterman.web.fc2.com platform.twitter.com
3	media.fc2.com	lanterman.web.fc2.com static.fc2.com
2	xid.i-mobile.co.jp	spdeliver.i-mobile.co.jp
2	spcdnpc.i-mobile.co.jp	spsvcpc-tls.i-mobile.co.jp
2	ssp-bidapi-n1.i-mobile.co.jp	ssp-bidder.i-mobile.co.jp
2	ssp-bidder.i-mobile.co.jp	spdeliver.i-mobile.co.jp
2	i.adingo.jp	media5.fc2.com
2	sh.adingo.jp	cdn-fluct.sh.adingo.jp
2	pm.w55c.net	2 redirects
2	cdn-fluct.sh.adingo.jp	j.microad.net
2	d.agkn.com	2 redirects
2	s.tribalfusion.com	lanterman.web.fc2.com googleads.g.doubleclick.net
2	sync.teads.tv	1 redirects lanterman.web.fc2.com
2	sync-tm.everesttech.net	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	gum.criteo.com	cache.send.microadinc.com
2	fonts.gstatic.com	fonts.googleapis.com
2	cse.google.com	lanterman.web.fc2.com www.google.com
2	cdn.shopify.com	1 redirects lanterman.web.fc2.com
2	www.woodlandsnaturalhealthcentre.co.uk	1 redirects lanterman.web.fc2.com
2	s3.india.com	1 redirects lanterman.web.fc2.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	id.rlcdn.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	audiencedata.im-apps.net	dmp.im-apps.net
1	syndication.twitter.com	platform.twitter.com
1	clients1.google.com	lanterman.web.fc2.com
1	textad.fc2.com	static.fc2.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	vip.chps-api.fc2.com	lanterman.web.fc2.com
1	ww1.secularcoalition.info	lanterman.web.fc2.com
1	secularcoalition.info	1 redirects
1	www.cusys.edu	lanterman.web.fc2.com
1	localtvwqad.files.wordpress.com	lanterman.web.fc2.com
0	image.cdnllnwnl.xosnetwork.com Failed	lanterman.web.fc2.com
0	mcnair.indiana.edu Failed	lanterman.web.fc2.com
0	www.southhaventribune.net Failed	lanterman.web.fc2.com
213	67

This site contains links to these domains. Also see Links.

Domain
twitter.com
essaydot.conajans.com
paymetodoyourhomework.ukessays.xyz
custompaperwritingservice.grabmyessay.life
assignmentmasters.grabmyessay.life
procustomwriting.init-ltd.com
craftanessay.coolessay.xyz
web.fc2.com
textad.net

Subject Issuer	Validity	Valid
*.files.wordpress.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
cusys.edu Sectigo RSA Organization Validation Secure Server CA	`2022-12-14` - `2023-12-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.fc2.com RapidSSL TLS RSA CA G1	`2023-06-09` - `2024-07-08`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
cache.send.microadinc.com Amazon RSA 2048 M02	`2023-01-24` - `2024-02-22`	a year	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.send.microadinc.com GlobalSign RSA OV SSL CA 2018	`2022-10-05` - `2023-11-06`	a year	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
cdn-fluct.sh.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-10-12` - `2023-10-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.adingo.jp Amazon RSA 2048 M01	`2023-02-13` - `2023-11-11`	9 months	crt.sh
*.i-mobile.co.jp JPRS Domain Validation Authority - G4	`2023-03-01` - `2024-03-31`	a year	crt.sh

This page contains 36 frames:

Primary Page: http://lanterman.web.fc2.com/
Frame ID: A5B307FDE6A2158B747874B011B2EA59
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Frame ID: 95A8B4384B6DE2EFE98828746ECEE4A4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=600&slotname=3865380065&adk=2462822920&adf=233326967&pi=t.ma~as.3865380065&w=235&fwrn=4&fwrnh=100&lmt=1519982746&rafmt=1&format=235x600&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1692039942928&bpp=8&bdt=2419&idt=314&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&correlator=8464002683876&frm=20&pv=2&ga_vid=1450332216.1692039943&ga_sid=1692039943&ga_hid=806102051&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=270&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076924%2C44785292%2C44795922&oid=2&pvsid=2929847998735624&tmod=1488762475&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Pk9VWm091Y&p=http%3A//lanterman.web.fc2.com&dtd=348
Frame ID: 55E9DF7E2D7629DEF522AD499794693A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&slotname=3865380065&adk=3534818277&adf=2051345969&pi=t.ma~as.3865380065&w=800&fwrn=4&fwrnh=100&lmt=1519982746&rafmt=1&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1692039942936&bpp=2&bdt=2428&idt=349&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&prev_fmts=235x600&correlator=8464002683876&frm=20&pv=1&ga_vid=1450332216.1692039943&ga_sid=1692039943&ga_hid=806102051&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076924%2C44785292%2C44795922&oid=2&pvsid=2929847998735624&tmod=1488762475&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=BPZk1eXBur&p=http%3A//lanterman.web.fc2.com&dtd=354
Frame ID: 666AB7819475E56FC9C97EA967F0E1DF
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
Frame ID: 73919FC70780338E744E0E202650E665
Requests: 1 HTTP requests in this frame

Frame: https://media5.fc2.com/1187/
Frame ID: F6CF96DFB146F813753CB4B4C6F54EC4
Requests: 8 HTTP requests in this frame

Frame: https://media5.fc2.com/1188/
Frame ID: 6EBE24A0C83951E2E41B87CE8C908608
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&adk=1812271804&adf=3025194257&lmt=1519982746&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x540_l%7C236x540_r&format=0x0&url=http%3A%2F%2Flanterman.web.fc2.com%2F&ea=0&pra=7&wgl=1&dt=1692039948006&bpp=3&bdt=7497&idt=3&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7bb4dad133dce13a-22133ef14fde006f%3AT%3D1692039943%3ART%3D1692039943%3AS%3DALNI_MbjAKIo5pY-fUnqLn9TCriQlejWBw&gpic=UID%3D00000d8b1e482593%3AT%3D1692039943%3ART%3D1692039943%3AS%3DALNI_MapxLZvDEn42EAjO1mHiddnnPyRGw&prev_fmts=235x600%2C800x280&nras=1&correlator=8464002683876&frm=20&pv=1&ga_vid=1450332216.1692039943&ga_sid=1692039943&ga_hid=806102051&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076924%2C44785292%2C44795922&oid=2&psts=AOrYGskepYAHDMlPK3U0h8lnPO9cHz9kluWc18d6-3P_k8WIQaRnQwynf-ENV8QDJ_V2Ejf4sxnKmHeFm5f4h1EefWTv2QvC&pvsid=2929847998735624&tmod=1488762475&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=37
Frame ID: 8DF4D21788D4D3760CFF00CAAC7BD00D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Flanterman.web.fc2.com
Frame ID: 3122198B27C13B807D220FDB6C4FF378
Requests: 2 HTTP requests in this frame

Frame: https://cache.send.microadinc.com/js/cookie_loader.html
Frame ID: E50C5E37A57B8B286BEAA9AFB588BEBD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&adk=1221782170&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1692039949361&bpp=1&bdt=8852&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7bb4dad133dce13a-22133ef14fde006f%3AT%3D1692039943%3ART%3D1692039943%3AS%3DALNI_MbjAKIo5pY-fUnqLn9TCriQlejWBw&gpic=UID%3D00000d8b1e482593%3AT%3D1692039943%3ART%3D1692039943%3AS%3DALNI_MapxLZvDEn42EAjO1mHiddnnPyRGw&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=8464002683876&frm=20&pv=1&ga_vid=1450332216.1692039943&ga_sid=1692039943&ga_hid=806102051&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=3096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076924%2C44785292%2C44795922&oid=2&psts=AOrYGskepYAHDMlPK3U0h8lnPO9cHz9kluWc18d6-3P_k8WIQaRnQwynf-ENV8QDJ_V2Ejf4sxnKmHeFm5f4h1EefWTv2QvC&pvsid=2929847998735624&tmod=1488762475&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=njHK4gkzcI&p=http%3A//lanterman.web.fc2.com&dtd=5
Frame ID: 1A28CFAD49D11983645176EC0296C830
Requests: 10 HTTP requests in this frame

Frame: https://cache.send.microadinc.com/js/cookie_loader.html
Frame ID: C8EAE9ACF65069465F51A8B247E3BC08
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8CB51B8A65DB6CAD728ADEAC4634660F
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4300EA54F6BBA6EA47B85710E452E940
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Frame ID: D0509B50097C812E9920A8795B1CA977
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4217410FF785767623BC2283CD73AF50
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 745AFD3117FAAF5261C4D3FEBDE8C50B
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 95AF4EF85F73D2E142281C9CF257A9E7
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 71068C454BCFCF4977FCD510F54CDF7D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 67D8CAAA47BDFA3CC25EF7B3273DF693
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
Frame ID: 90A05050B879E9422C7B10555631134E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
Frame ID: F0721F00178889C8D87931172FF8D401
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
Frame ID: D5C3F936CC55411202F56D2A59BEEB2F
Requests: 1 HTTP requests in this frame

Frame: https://cdn-fluct.sh.adingo.jp/f.js?G=1000107337
Frame ID: E280985B3D0F1CE77A7B4E864C0AF4A8
Requests: 7 HTTP requests in this frame

Frame: https://cdn-fluct.sh.adingo.jp/f.js?G=1000107338
Frame ID: E32B072C29FA204F5134A82F3EEC06CE
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A3CC4402063AC2FAB8304985A79BA66E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 21B5B6A63B4E13E51D8EED0A7FE13F1D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
Frame ID: 78F86220C6CDD9BAD97CD90F7BFF0F31
Requests: 1 HTTP requests in this frame

Frame: https://cache.send.microadinc.com/js/cookie_loader.html
Frame ID: 59A988E6C77645373FC1959C9ABE6323
Requests: 1 HTTP requests in this frame

Frame: https://cache.send.microadinc.com/js/cookie_loader.html
Frame ID: 239F748339C4374EAA5FF0A11ADDE6F0
Requests: 1 HTTP requests in this frame

Frame: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Frame ID: 776B87AEBA9CCF2ED31A3FD8B184314C
Requests: 4 HTTP requests in this frame

Frame: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Frame ID: F3866DC4F90F716977B5638CCC78DFD7
Requests: 4 HTTP requests in this frame

Frame: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=65803&asid=1544759&asn=1&width=300&height=250
Frame ID: 262EC09F2BE8DC54D2EC7B5998959508
Requests: 4 HTTP requests in this frame

Frame: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=65803&asid=1544760&asn=1&width=728&height=90
Frame ID: 063EAEEAA89F5FFE6A8A803ACA88F7AC
Requests: 3 HTTP requests in this frame

Frame: https://xid.i-mobile.co.jp/RestoreXidToMediaStorage.html
Frame ID: 12BB81D4F4629DAB787F9CE86F72CD85
Requests: 1 HTTP requests in this frame

Frame: https://xid.i-mobile.co.jp/RestoreXidToMediaStorage.html
Frame ID: A00227EADCF4B6D11397A1DAA16D78E1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Write My Essay : 100% Original Content - cost of attendance university of michigan law faculty - lanterman.web.fc2.comsearch

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

213
Requests

75 %
HTTPS

43 %
IPv6

39
Domains

67
Subdomains

52
IPs

9
Countries

2774 kB
Transfer

5909 kB
Size

21
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/hashtag/buyessay
Title: #buyessay

Search URL Search Domain Scan URL

URL: http://essaydot.conajans.com/free-essays/8/paper/university-of-california-berkeley-wellness-letter-april-2000-stock/
Title: university of california berkeley wellness letter april 2000 stock...

Search URL Search Domain Scan URL

URL: http://paymetodoyourhomework.ukessays.xyz/topic/4/paper/visit-malaysia-year-essay-help/
Title: visit malaysia year essay help...

Search URL Search Domain Scan URL

URL: http://custompaperwritingservice.grabmyessay.life/article/6/essay/lucas-jenkins-university-of-wisconsin/
Title: lucas jenkins university of wisconsin...

Search URL Search Domain Scan URL

URL: http://assignmentmasters.grabmyessay.life/topic/1/essay/how-do-i-start-my-essay-off/
Title: how do i start my essay off...

Search URL Search Domain Scan URL

URL: http://procustomwriting.init-ltd.com/article/2/paper/western-university-canada-location-video/
Title: western university canada location video...

Search URL Search Domain Scan URL

URL: http://craftanessay.coolessay.xyz/review/3/essay/university-of-ottawa-electronic-thesis-dissertation/
Title: university of ottawa electronic thesis dissertation...

Search URL Search Domain Scan URL

URL: http://web.fc2.com/
Title: Powered by FC2ホームページ

Search URL Search Domain Scan URL

URL: https://textad.net/cgi-bin/redir.cgi?uid=12572&bid=1&site=https://contents.fc2.com/?tag=TXpjMk1EY3dOak09&dref=textad_general

Search URL Search Domain Scan URL

URL: https://textad.net/cgi-bin/redir.cgi?uid=12572&bid=5&site=http://domain.fc2.com/ex/

Search URL Search Domain Scan URL

URL: https://textad.net/cgi-bin/redir.cgi?uid=12572&bid=4&site=https://web.fc2.com/fc2html/wordpress.html

Search URL Search Domain Scan URL

URL: https://textad.net/cgi-bin/redir.cgi?uid=12572&bid=6&site=https://cart.fc2.com/

Search URL Search Domain Scan URL

URL: https://textad.net/cgi-bin/redir.cgi?uid=12572&bid=7&site=https://domain.fc2.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

http://s3.india.com/wp-content/uploads/2016/08/teacher.jpg HTTP 301
https://s3.india.com/wp-content/uploads/2016/08/teacher.jpg

Request Chain 11

http://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg HTTP 301
https://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg

Request Chain 13

http://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg?1819117143250975351 HTTP 301
https://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg?1819117143250975351

Request Chain 16

http://secularcoalition.info/KmVMGc?default_keyword=cost+of+attendance+university+of+michigan+law+faculty HTTP 302
http://ww1.secularcoalition.info/

Request Chain 45

https://googleads.g.doubleclick.net/pagead/adview?ai=CIyYWB3vaZJedGeeB5LcPjJ-fkAm81fKncszOvefKEWQQASCr-oweYJXikIKgB6AB84_7qSnIAQmpAmqjHRtJQrI-qAMByAPLBKoE4AFP0F7QE3ZQwmd7KSNuCZibGcTD8pDHFw6KFtGRxfhmYPAIuYOrRBU9x7PC9UqlDHelN5SHeGMR9-gRN5gpD4iGsz-cylLU5EaSDrRAAlQUpUnRAz7amuQ2zBpiegQc7YDVgBwZFbUA6LA-v19jTZ6AciVpdFEcPNr-oh3eIyfc_cqi7C8onFRjSS6RdSlwaLv4rnkjTnAgcfTx4ntmq0Ph4ijXHu_l-1isTJh4pmNEhQLpjONCSyvAfLt_N_TS5nvUqZUUJbC79nbFJoS3AoFmUl8UufDbxzFOLGYu2Mb6k8AEtfaBva0EkgUECAQYAZIFBAgFGASgBi6AB_PHy4kEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ4NIF0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJ0wJodHRwczovL2RlLnNob2Zhc3QuY29tL2Rzcj9xPUNsb3VkJTIwQ29udGFjdCUyMENlbnRlciZhc2lkPXptd19jaDQxNyZkZT1jJnNjbGlkPTAtMjQwMTUmZ2NsaWQ9e2djbGlkfSZyYWM9Q2xvdWQlMjBDb250YWN0JTIwQ2VudGVyJnRlcm1zPUdlbmVzeXMrQ2xvdWQrQ29udGFjdCtDZW50ZXIlMkNCZXN0K0Nsb3VkK0NvbnRhY3QrQ2VudGVyJTJDY2xvdWQrY29udGFjdCtjZW50ZXIrYXMrYStzZXJ2aWNlJTJDb3JhY2xlK3NlcnZpY2UrY2xvdWQrY29udGFjdCtjZW50ZXIlMkNjbG91ZCtjb250YWN0K2NlbnRlcitwcm92aWRlcnMlMkNjbG91ZCtiYXNlZCtjb250YWN0K2NlbnRlcitzb2x1dGlvbnOACgHICwGiDBAqDgoMw7CxAuS0sQLutbECuBPkA9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi02ODkwMjg3MjUwOTc1Njc5GAA&sigh=V4WrIKR17ZY&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWkGm-FTWNOrTOUWiPeNoY2jpA1ZfZbRgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216366195382078816550%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211093854195%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217171685223339919297%22}&andc=true

Request Chain 69

https://j.microad.net/js/compass.js HTTP 302
https://jgl.microad.net/js/compass.js

Request Chain 72

https://j.microad.net/js/compass.js HTTP 302
https://jgl.microad.net/js/compass.js

Request Chain 119

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELwOsO62xUcVUzRWka5RX3A&google_cver=1&google_push=AXcoOmQrg4AEqz0pmRqKhvqL9G16SqBKGYoy7N8LZFnhqNxWfl8UFoky8Tzq66juUp6GAA4utKpCi0VeyWQYlS7ppIC4N8f_fzBXHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzg0Mzc0MDYyNDIzMTUwMjI3Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELwOsO62xUcVUzRWka5RX3A&google_cver=1

Request Chain 121

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEeGxqQVdCGf4leVi0gILrc&google_cver=1&google_push=AXcoOmRM5CanhI1FshC-iuTs_qlDGtJaUS9ezNQw3dXOcYp5214VdYqj3AoSrgjhwTNqc9RREZAxOt2KXrAApr-qlSgYmmrNgjyY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEeGxqQVdCGf4leVi0gILrc&google_push=AXcoOmRM5CanhI1FshC-iuTs_qlDGtJaUS9ezNQw3dXOcYp5214VdYqj3AoSrgjhwTNqc9RREZAxOt2KXrAApr-qlSgYmmrNgjyY

Request Chain 125

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECvsSOyul6ByaH6nDrxOZdI&google_cver=1&google_push=AXcoOmS3xthlhZBEo33DjPbVe_r4u6eWkSenLNlaWOb6UuYYH5Y_Vl4COC6eovSLNWUPtk0_uDYS7k1Xhwf2-xMjXPJhBEPvAhhed9o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmS3xthlhZBEo33DjPbVe_r4u6eWkSenLNlaWOb6UuYYH5Y_Vl4COC6eovSLNWUPtk0_uDYS7k1Xhwf2-xMjXPJhBEPvAhhed9o HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 127

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELwOsO62xUcVUzRWka5RX3A&google_cver=1&google_push=AXcoOmSBQHGp39RNbbl4MBuOgfAjOwKCzn48zcUP-L_Pwfvval7bGiNbjaQP-14FZH238jIVBXMk6IAh4OXRIUwKntwgMq14Rkm3PM7dI4KHZyfjjhH7ugR1YLj5Qz7o51wVJ4iWh6PSPOFd5KpJHIGTDD1pSDg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODA1OTkxMzQwNjM0NTI4NjA4MQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELwOsO62xUcVUzRWka5RX3A&google_cver=1

Request Chain 129

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHeNYSRoAuyQzV4rLQOGqD4&google_cver=1&google_push=AXcoOmTu3tA6cJ9lo4KEFDlsraE9TlRtDCGhsko77U-nsJ_g6PN0kyacdk6W0rAp5PErfo9gminYL5_rp3EVqG5Wj8J_QhcwwnpgIe8dRoVb7PRMqUyowl-5LVwO3eX7XnwZ5cJB08JGSVf_BRFrbgw5RhXHHQs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTu3tA6cJ9lo4KEFDlsraE9TlRtDCGhsko77U-nsJ_g6PN0kyacdk6W0rAp5PErfo9gminYL5_rp3EVqG5Wj8J_QhcwwnpgIe8dRoVb7PRMqUyowl-5LVwO3eX7XnwZ5cJB08JGSVf_BRFrbgw5RhXHHQs

Request Chain 130

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIUc11xOwVIM-p0FQRbWaVY&google_cver=1&google_push=AXcoOmQ3ue0c44UwQcxd5qvG7PwcSdQptiYXDMh9nCwkKk9RSlcWpAr-kSYmRLo3t2YmWtVxH4m9gfnGP9F5LHnFoG5LhpT-dXlqTvb1-T8OEJMlC8FTguVrMSz7g3GFqKLlj_Yd0edDB6ldon868C4TPC7MWoo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ3ue0c44UwQcxd5qvG7PwcSdQptiYXDMh9nCwkKk9RSlcWpAr-kSYmRLo3t2YmWtVxH4m9gfnGP9F5LHnFoG5LhpT-dXlqTvb1-T8OEJMlC8FTguVrMSz7g3GFqKLlj_Yd0edDB6ldon868C4TPC7MWoo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIUc11xOwVIM-p0FQRbWaVY&google_cver=1&google_push=AXcoOmQ3ue0c44UwQcxd5qvG7PwcSdQptiYXDMh9nCwkKk9RSlcWpAr-kSYmRLo3t2YmWtVxH4m9gfnGP9F5LHnFoG5LhpT-dXlqTvb1-T8OEJMlC8FTguVrMSz7g3GFqKLlj_Yd0edDB6ldon868C4TPC7MWoo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ3ue0c44UwQcxd5qvG7PwcSdQptiYXDMh9nCwkKk9RSlcWpAr-kSYmRLo3t2YmWtVxH4m9gfnGP9F5LHnFoG5LhpT-dXlqTvb1-T8OEJMlC8FTguVrMSz7g3GFqKLlj_Yd0edDB6ldon868C4TPC7MWoo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 132

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAPsneA9_z8okCFs34BPmuc&google_cver=1&google_push=AXcoOmTFgBMg_jpn-Tlyt18fUxao1Wnngp-pimyRyEV2T7s55GF8EgqmKTJMqcnOYMCh0gb8ZdKp6IYIWbPUivA_BbKF16LS60y_L3cLXIaUBSQLj7FJQxkn7m4Q1o_diFufUsBQc9WRNBGvz6TO6e-efKezzGI HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAPsneA9_z8okCFs34BPmuc&google_cver=1&google_push=AXcoOmTFgBMg_jpn-Tlyt18fUxao1Wnngp-pimyRyEV2T7s55GF8EgqmKTJMqcnOYMCh0gb8ZdKp6IYIWbPUivA_BbKF16LS60y_L3cLXIaUBSQLj7FJQxkn7m4Q1o_diFufUsBQc9WRNBGvz6TO6e-efKezzGI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjk4Njk1NjI4OTIxNjgyODE2MA&google_push=AXcoOmTFgBMg_jpn-Tlyt18fUxao1Wnngp-pimyRyEV2T7s55GF8EgqmKTJMqcnOYMCh0gb8ZdKp6IYIWbPUivA_BbKF16LS60y_L3cLXIaUBSQLj7FJQxkn7m4Q1o_diFufUsBQc9WRNBGvz6TO6e-efKezzGI

Request Chain 133

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEEajhadNNgV_yBU1mIGSrHo&google_cver=1&google_push=AXcoOmS31Qp0eYZogirSTFdJc4D95EAErs_gpp6XchV5152jYpl-AwSSWlj4IFKGCbJi0CfhdMsFmRsfEOfCerUB8girAOXy1n9sV2NUBJrdwE29y2qfKaJDt9Lf6VU-XFx5rv2W0j6vPOrc0yz-scsxnTaYkOY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmS31Qp0eYZogirSTFdJc4D95EAErs_gpp6XchV5152jYpl-AwSSWlj4IFKGCbJi0CfhdMsFmRsfEOfCerUB8girAOXy1n9sV2NUBJrdwE29y2qfKaJDt9Lf6VU-XFx5rv2W0j6vPOrc0yz-scsxnTaYkOY&google_hm=17bLBAZNTnibcBGwFnGCAbA

Request Chain 138

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIUc11xOwVIM-p0FQRbWaVY&google_cver=1&google_push=AXcoOmTmXpYwoe1hFfGYHs-FKgYVS5Rc5qmoifi0dtcGn7Ho1WRgu7NlYnGp4GN9C6kXJsGifrE5LgpTvB13jy2LKwZRBGZT8PKD6Fh1&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTmXpYwoe1hFfGYHs-FKgYVS5Rc5qmoifi0dtcGn7Ho1WRgu7NlYnGp4GN9C6kXJsGifrE5LgpTvB13jy2LKwZRBGZT8PKD6Fh1%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIUc11xOwVIM-p0FQRbWaVY&google_cver=1&google_push=AXcoOmTmXpYwoe1hFfGYHs-FKgYVS5Rc5qmoifi0dtcGn7Ho1WRgu7NlYnGp4GN9C6kXJsGifrE5LgpTvB13jy2LKwZRBGZT8PKD6Fh1&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTmXpYwoe1hFfGYHs-FKgYVS5Rc5qmoifi0dtcGn7Ho1WRgu7NlYnGp4GN9C6kXJsGifrE5LgpTvB13jy2LKwZRBGZT8PKD6Fh1%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 139

https://d.agkn.com/pixel/2175/?google_gid=CAESEOykj36sZGNod90OrHZEzYw&google_cver=1&google_push=AXcoOmRXiMCbxnTuOAlhf5NEAEJFv1dh6M35XZqe6JAAwxqh7wmHkTANyQ2-t1aF__Qx5dJTUVbaPFrytA5MHBy0BvelKEBfNCs0O8uU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmRXiMCbxnTuOAlhf5NEAEJFv1dh6M35XZqe6JAAwxqh7wmHkTANyQ2-t1aF__Qx5dJTUVbaPFrytA5MHBy0BvelKEBfNCs0O8uU&google_hm=Q0FFU0VPeWtqMzZzWkdOb2Q5ME9ySFpFell3

Request Chain 141

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAPsneA9_z8okCFs34BPmuc&google_cver=1&google_push=AXcoOmSYJrf29iGX43jGctzCAuGJs17As_-QiTwm3BwFkgbodz_kQ1MsM8bx2N3Es2-ITPYv5WhZ60u1FoveQDr-8R_icQI7i2V7VvlJ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAPsneA9_z8okCFs34BPmuc&google_cver=1&google_push=AXcoOmSYJrf29iGX43jGctzCAuGJs17As_-QiTwm3BwFkgbodz_kQ1MsM8bx2N3Es2-ITPYv5WhZ60u1FoveQDr-8R_icQI7i2V7VvlJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDczNjE2MjgzMTQ5NTQyOTkyMg&google_push=AXcoOmSYJrf29iGX43jGctzCAuGJs17As_-QiTwm3BwFkgbodz_kQ1MsM8bx2N3Es2-ITPYv5WhZ60u1FoveQDr-8R_icQI7i2V7VvlJ

Request Chain 143

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEEajhadNNgV_yBU1mIGSrHo&google_cver=1&google_push=AXcoOmT4VQYlt77Za_cX5zwTaJyuUGQM7_VQ0859ckIocUPDWfXamuzVyY3LD91QK2QF3E9eGFZa_DZUtz6XavVqjSKu4hvwiobQBUou0Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT4VQYlt77Za_cX5zwTaJyuUGQM7_VQ0859ckIocUPDWfXamuzVyY3LD91QK2QF3E9eGFZa_DZUtz6XavVqjSKu4hvwiobQBUou0Q&google_hm=17bLBAZNTnibcBGwFnGCAbA

Request Chain 146

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 147

https://googleads.g.doubleclick.net/pagead/adview?ai=C_W7UDHvaZKa2CZCBkwP8oJLwAZit3p1yvM_auuQRlfPJmY0OEAEgq_qMHmCV4pCCoAegAbmiyPMpyAEBqAMByAPLBKoE1wFP0MxkKOlHL0YCvY8EEjYHtaUE8nZ4_JOTNOnCiYXlL3TuCKMoY932wFsqFPYs4EniFkBh5jjUo7uCZgnkKAQs8AKBwTURvsawV8d2GE1HI1TgbJ5GVgMYX_GjLNTN2cnuCjpvwd_u5wg9b9aMqND2BXXKVmYkXuQhuPnnnkrJweg0Vt-uhfVFTUe8O50OfWqn99hKOlo6cHTk8FHA3CsRGu17Ty94VqUeAkZCiXuxO_Dz5UfgnmO9D3gX05xt8OWdy5GcQ5ezyzc7qhF1veEOE3gaNq6l8MAE9NKcpbsEkgUECAQYAZIFBAgFGASgBgKAB87DmdgEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQiIwF0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJ-gFodHRwczovL3RlbmxpcmEubmV0L2FydGljbGUvMjE2Nz91dG1fc291cmNlPWdkbjMmdXRtX2NhbXBhaWduPTg1NTk4NTMyNzBfXzIwMzk2MjM1NTg1X18yMDM5NjIzNTU4NSZ1dG1fY29udGVudD0xNTU4NTE0NTg2MTA5NjYwNDQ0M19fX18xMDA0MzYzX18xNTMzNTQ3MDkzNjQmdXRtX3Rlcm09c2FnZSUyMGNsb3VkLFNhZ2UlMjBPbmUlMjBCdXNpbmVzcyUyMENsb3VkLFNhZ2UlMjBDbG91ZCxTYWdlJTIwQnVzaW5lc3MlMjBDbG91ZCUyMFgzgAoByAsBogwQKg4KDMOwsQLktLEC7rWxAtgTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi02ODkwMjg3MjUwOTc1Njc5GAA&sigh=vD0mxkXh-BM&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWGHKpGqfJXm5KOyf7TQyePIjQuKy8_1u99DxBGPMVbGof9t10l2KVRAvlnJkJSMMVW_T_JBJvGAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222624924470830973510%22,%22debug_reporting%22:true,%22destination%22:%22https://tenlira.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211248210233%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22625353698504211521%22}&andc=true

Request Chain 151

https://googleads.g.doubleclick.net/pagead/adview?ai=CT6ncDHvaZKe2CZCBkwP8oJLwAcz0_Kxy1f3n_IsRjtGZwZkOEAEgq_qMHmCV4pCCoAegAZGjs6IpyAEBqAMByAPLBKoE2AFP0F_HIfFRCQNOSwJcVnCKhOj0c4ML4sCrlMTMqybiiAobLH7WQjpLZ0F4rTtjgee7HFY9y-w46_wyjXnAe8F6xW7XFFwxJXqkAtQiCZ500SJmzCABOWzgDsUe5Bu1EtTcTqu8eN7D2Jr4Q4EPO9J5swd4XhfK4NucsHrzQO40zSpSbxTnHviO-TE88jV7PGe6XN1NlzBwSYVRYSzixjpwRdwcX3pPRma05lWjOZsaIG7mESB1Sc9EvkkmeZ4MuwOKgiabIz1C88TQLxmK1Kg6RRBM75o5JRLABOCz9KC7BJIFBAgEGAGSBQQIBRgEoAYCgAeR24OCBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPXPAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCbABaHR0cHM6Ly93d3cuaGVscHdpcmUuY29tL2FydGljbGVzL2Vhc3ktaG9tZS1pbXByb3ZlbWVudD9xPWJ1c2luZXNzK2xvYW5zJnNyYz1tZyZnY2g9VDAwMDA2NzcmdmlzaXRvcl9pZD0lN0JnY2xpZCU3RF9fX18lN0JwbGFjZW1lbnQlN0QmbGlua19rZXk9MGU4ZjljNmUxZWIzYjRjYTYzNGQ1MjU3MWVkMjNhYjiACgHICwGiDBAqDgoMw7CxAuS0sQLutbEC2BMMiBQD0BUBmBYBgBcBshccChoIABIUcHViLTY4OTAyODcyNTA5NzU2NzkYAA&sigh=5Er0DZSPg8k&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWGHKpGqfJXm5KOyf7TQyePIjQuKy8_1u99DxBGPMVbGof9t10l2KVRAvlnJkJSMMVW_T_JBJvGAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217483536776511705666%22,%22debug_reporting%22:true,%22destination%22:%22https://helpwire.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211077996945%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223062771325303834065%22}&andc=true

Request Chain 169

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELwOsO62xUcVUzRWka5RX3A&google_cver=1&google_push=AXcoOmQ0DE3OhMR_1qcKUA-dp_kKD01QtEqdOptWUVn1KZQrxPdBV4zc2nombP51VYh5iUmeCDUyCapcoW5a7Swes78ngdXSM3zbgFYudPSewU-9Swx3HvqibazFCdxx4NpZH5ZlJVljzkEP__N_D4XQ8rXJrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODA1OTkxMzQwNjM0NTI4NjA4MQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELwOsO62xUcVUzRWka5RX3A&google_cver=1

Request Chain 170

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKkRbJhEqGBUiyR1IL11-yM&google_cver=1&google_push=AXcoOmS0On_V8MI177Og2mBpoY_JaSFtujY3Yft1ky78DOqK5Wk5c9bXswXKXY4jrBt0n18oMkcE1N1Ax4BJxTPN59M4kJpEtqmqo38vyroxPobV73wWYv-TtMj7HUEM2bh_82lLGROeMiR2h3dAASNGxW6G2TA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKkRbJhEqGBUiyR1IL11-yM&google_cver=1&google_push=AXcoOmS0On_V8MI177Og2mBpoY_JaSFtujY3Yft1ky78DOqK5Wk5c9bXswXKXY4jrBt0n18oMkcE1N1Ax4BJxTPN59M4kJpEtqmqo38vyroxPobV73wWYv-TtMj7HUEM2bh_82lLGROeMiR2h3dAASNGxW6G2TA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RzN5UXBaUGMxUXZDU1c1&google_gid=CAESEKkRbJhEqGBUiyR1IL11-yM&google_cver=1&google_push=AXcoOmS0On_V8MI177Og2mBpoY_JaSFtujY3Yft1ky78DOqK5Wk5c9bXswXKXY4jrBt0n18oMkcE1N1Ax4BJxTPN59M4kJpEtqmqo38vyroxPobV73wWYv-TtMj7HUEM2bh_82lLGROeMiR2h3dAASNGxW6G2TA

Request Chain 172

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEeGxqQVdCGf4leVi0gILrc&google_cver=1&google_push=AXcoOmQg2xEyAK7sBqGvItjHihB5zZ8ySAL8-l70zHXmIZuJ-54kRGguRUPS9KTdYjD4r4QemXJ8DgYd__Lfe-2HL9W1edsnwxGga154SqtseBg0mpK11I50o4ozQTjvq4b59MvmdH4VRvDT66V53WwcwLbFub4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk5wN0RRQUFBSDRFVGdBYg==&google_gid=CAESEEeGxqQVdCGf4leVi0gILrc&google_cver=1&google_push=AXcoOmQg2xEyAK7sBqGvItjHihB5zZ8ySAL8-l70zHXmIZuJ-54kRGguRUPS9KTdYjD4r4QemXJ8DgYd__Lfe-2HL9W1edsnwxGga154SqtseBg0mpK11I50o4ozQTjvq4b59MvmdH4VRvDT66V53WwcwLbFub4

Request Chain 174

https://d.agkn.com/pixel/2175/?google_gid=CAESEOykj36sZGNod90OrHZEzYw&google_cver=1&google_push=AXcoOmSPjPddowddnNfEE2c9lckwsB0bRxJ3m56WuWGEkerXzLBUNEhwSdx4LABCoQ1d62Rrk06XBZYpjJ9G6GaO0vs8UPRRVs-J4Y5i1Ol2vRZn8iMstRyCjyA0O3zYGbOsCxsUu4VnFomS22sxz8hYTzLunA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSPjPddowddnNfEE2c9lckwsB0bRxJ3m56WuWGEkerXzLBUNEhwSdx4LABCoQ1d62Rrk06XBZYpjJ9G6GaO0vs8UPRRVs-J4Y5i1Ol2vRZn8iMstRyCjyA0O3zYGbOsCxsUu4VnFomS22sxz8hYTzLunA&google_hm=Q0FFU0VPeWtqMzZzWkdOb2Q5ME9ySFpFell3

Request Chain 175

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEEajhadNNgV_yBU1mIGSrHo&google_cver=1&google_push=AXcoOmQJSBb5ZoEH5etfupOOBgRFy5r5LgBbCRsSpduDUKeOQzXulgXT-5YDX_WE2Kq9TUv4GwE4LVA5-Zh9PHyvcC_IfBuA65ODXbLTMVJa6wP9OvWZTBLCeH5OGHefmOlTi6ASh6IdOu5etakzhZO-qqCWcLDD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQJSBb5ZoEH5etfupOOBgRFy5r5LgBbCRsSpduDUKeOQzXulgXT-5YDX_WE2Kq9TUv4GwE4LVA5-Zh9PHyvcC_IfBuA65ODXbLTMVJa6wP9OvWZTBLCeH5OGHefmOlTi6ASh6IdOu5etakzhZO-qqCWcLDD&google_hm=17bLBAZNTnibcBGwFnGCAbA

Request Chain 177

https://googleads.g.doubleclick.net/pagead/adview?ai=CkLyBDXvaZJCfHYOY7wKBuZuAAr-s_5pylv-z0dER2dkeEAEgq_qMHmCV4pCCoAegAd-JoNAByAECqQLX3YNie0yyPqgDAcgDyQSqBOEBT9DkHdp1vgO3KW06PNrKXSF3yENsZNCSdqTScfXX4832_r89t81GR5AzZnjtt4YHpBoHnX1aviNgeDipC1UZnwMvzY95B4gWjtwxdrPu99X9QuahT0wTLETAmhnIHF73DmPq2zzzxjyjJ-cSab8wJCgt5KAwBDtxZhj1ZhiUsEqgBBqbYEPj82W8BjGBB5a8sFcf2wicduqxwhGN4Dy7NB5symTE-79goNidNyUSQjIPy7TizR2IUgyYu6S1CpwDRJfml71TqGV8KKLp7poj2WOc8_UcRVEJdL9zCHbFXQpkwATH5JagkASSBQQIBBgBkgUECAUYBKAGAoAHifbfrwKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDpnBnSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgl-aHR0cHM6Ly9zdHVkeWF0dWUuY29tL3Byb2dyYW1tZXMvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj0xNzc1NTY2NjQ4NCZ1dG1fY29udGVudD0xNDE4MDE0MDI5NTEmdXRtX3Rlcm09gAoByAsBogwIKgYKBMOwsQLYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNjg5MDI4NzI1MDk3NTY3ORgA&sigh=Z54AWb4RBoU&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWeFLSdjgHPgUH94SICNz3wE7v-FjjZRWUeqny3GP3xe5wiN_sSIogqN_LCudocaa0ZynxOdHkGAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214843200951447920896%22,%22debug_reporting%22:true,%22destination%22:%22https://studyatue.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22436733151%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222784101012615042593%22}&andc=true

Request Chain 178

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 185

https://j.microad.net/js/compass.js HTTP 302
https://jgl.microad.net/js/compass.js

Request Chain 187

https://j.microad.net/js/compass.js HTTP 302
https://jgl.microad.net/js/compass.js

213 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
lanterman.web.fc2.com/ 25 KB
26 KB 382ms
181ms Document
text/html 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache / ModLayout/5.1

Resource Hash

9cf26fb9689fd8a0cca272392d51ec09f0bb015df6ca4301834f56336cdfbbb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: close
Content-Type: text/html
Date: Mon, 14 Aug 2023 19:05:40 GMT
Last-Modified: Fri, 02 Mar 2018 10:25:46 GMT
Server: Apache
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Powered-By: ModLayout/5.1
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
lanterman.web.fc2.com// 69 KB
10 KB 364ms
188ms Stylesheet
text/css 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com//style.css

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

be00c6b021883cb1684551714783bace4a657281ebdf833b2a5ff8a56e206bd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:25:13 GMT
Server: Apache
ETag: "114f3-5666b643ff440-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 9839
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.responsive.css
lanterman.web.fc2.com// 11 KB
2 KB 371ms
190ms Stylesheet
text/css 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com//style.responsive.css

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

c6c572a51db4b19008dfcde69a5aab55e9cdbce88c99c7ad02f4d44eb939c681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:25:17 GMT
Server: Apache
ETag: "2c7a-5666b647cfd40-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 2076
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.js Show response
lanterman.web.fc2.com// 90 KB
32 KB 373ms
190ms Script
application/javascript 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com//jquery.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:25:05 GMT
Server: Apache
ETag: "169d9-5666b63c5e240-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 32784
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK script.js Show response
lanterman.web.fc2.com// 57 KB
13 KB 371ms
188ms Script
application/javascript 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com//script.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

0a87ba00eee82758c065fb6b0a604e671c9b39f6ea918bdc0a31dc44fb8ad9ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:25:08 GMT
Server: Apache
ETag: "e482-5666b63f3a900-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 12464
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK script.responsive.js Show response
lanterman.web.fc2.com// 22 KB
5 KB 374ms
188ms Script
application/javascript 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com//script.responsive.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

bac62b9a825a47764961c656e99d737ad97e9dfe8f1480607c652b284a1131c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:25:10 GMT
Server: Apache
ETag: "56cc-5666b64122d80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 4480
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK qwertymin.js Show response
lanterman.web.fc2.com//images/ 449 B
691 B 566ms
206ms Script
application/javascript 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://lanterman.web.fc2.com//images/qwertymin.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

404b9260afb4ca4d67d51bc3ab9c58e6d139d47f9c1218a78ecac1492e0e3002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:24:39 GMT
Server: Apache
ETag: "1c1-5666b623927c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 328
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
54 KB 127ms
90ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11d43f773096fd0cac2f100440e3bc4f6bf8ab50e171c8f734ab9dd71c35c2f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54187
X-XSS-Protection: 0
Server: cafe
ETag: 3112149670385301974
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Mon, 14 Aug 2023 19:05:41 GMT

GET Miller_WEB.10080613_std.jpg
www.southhaventribune.net/yahoo_site_admin/assets/images/ 0
0

GET
H2 404 promo316932033.jpg
localtvwqad.files.wordpress.com/2017/04/ 0
0 64ms
24ms Image
text/html 192.0.72.20
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://localtvwqad.files.wordpress.com/2017/04/promo316932033.jpg?quality=85&strip=all&w=1200
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.20 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET chavez-ian.jpg
mcnair.indiana.edu/img/current-students/ 0
0

GET
H2

200

teacher.jpg
s3.india.com/wp-content/uploads/2016/08/
Redirect Chain

http://s3.india.com/wp-content/uploads/2016/08/teacher.jpg
https://s3.india.com/wp-content/uploads/2016/08/teacher.jpg

37 KB
38 KB

229ms
32ms

Image
image/avif

2a02:26f0:480:23::1726:62b4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.india.com/wp-content/uploads/2016/08/teacher.jpg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Server

2a02:26f0:480:23::1726:62b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

7320a35f8f5fbfd28be89b5588d9cee9dbdbd09151d4ce002da3fce47140e163

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'; base-uri 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' https:; script-src 'strict-dynamic' '509d3a638bdedea59f28b3ac35f6ee226fc1beb8798e69f263cd9edc619f4423' 'unsafe-inline' https:
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' https:; script-src 'strict-dynamic' '509d3a638bdedea59f28b3ac35f6ee226fc1beb8798e69f263cd9edc619f4423' 'unsafe-inline' https:
date: Mon, 14 Aug 2023 19:05:43 GMT
last-modified: Fri, 05 May 2023 21:12:40 GMT
server: Akamai Image Manager
etag: "93205477b665c2a1f1d5344deba6c679"
x-frame-options: DENY
content-type: image/avif
cache-control: public, max-age=2592000
content-length: 38110
expires: Thu, 24 Aug 2023 18:56:32 GMT

Redirect headers

Location: https://s3.india.com/wp-content/uploads/2016/08/teacher.jpg
Date: Mon, 14 Aug 2023 19:05:43 GMT
Cache-Control: public, max-age=2592000
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
Expires: Mon, 14 Aug 2023 19:05:43 GMT

GET
H2

404

NicholaSaundersLeaflet_inside.jpg
www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/
Redirect Chain

http://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg
https://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg

0
0

1762ms
1729ms

Image
text/html

92.205.2.206
GODADDY-SXB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Server: 92.205.2.206 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS: 206.2.205.92.host.secureserver.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

Date: Mon, 14 Aug 2023 19:05:42 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg
Cache-Control: max-age=180
Connection: Keep-Alive
Keep-Alive: timeout=5
Content-Length: 315
Expires: Mon, 14 Aug 2023 19:08:42 GMT

GET
H/1.1 200
OK people_flowers.jpg
www.cusys.edu/newsletter/2010/03-24/images/ 8 KB
8 KB 1453ms
143ms Image
image/jpeg 204.228.68.58
UNIVERSITY-OF-COL...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cusys.edu/newsletter/2010/03-24/images/people_flowers.jpg
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.228.68.58 Denver, United States, ASN62671 (UNIVERSITY-OF-COLORADO-SYSTEM, US),
Reverse DNS: www.cusys.edu
Software: /
Resource Hash: 863395d0e38e9c9c42ff78d3c7ecaf11f3423b5734ccf09cf08e0331f444fbbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:44 GMT
Last-Modified: Wed, 24 Mar 2010 18:36:36 GMT
ETag: "209c-4829035c75500"
Content-Type: image/jpeg
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Connection: Keep-Alive
Accept-Ranges: bytes
X-UIS: AX active
Keep-Alive: timeout=5, max=100
Content-Length: 8348

GET
H2

200

kyle_field.jpg
cdn.shopify.com/s/files/1/0659/0325/files/
Redirect Chain

http://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg?1819117143250975351
https://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg?1819117143250975351

167 KB
168 KB

548ms
523ms

Image
image/webp

23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg?1819117143250975351

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

f82333103a1080f1da5da0c384159e0f10307305ea2b611289285f3da136c0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
source-type: image/jpeg
server-timing: imagery;dur=292.656, imageryFetch;dur=113.583, imageryProcess;dur=176.086;desc="image", cfRequestDuration;dur=513.999939
source-length: 315495
content-length: 171056
x-xss-protection: 1; mode=block
x-request-id: a9dd4067-5c88-4752-b5b5-4f2afda4b6d2
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 14 Aug 2023 19:05:43 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fr11bgLkLByZLOciZYlnWOOBA5uPVQi4CBLm7qXFhKgMR1tPz6Mib%2BrW%2FXEu8k7mwv%2F9MT4takdQonGEzfl9I%2FyDjCvS3FQdkji%2Fg5hvfIis%2BRaEWR5U5M35ULRX76rsEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg>; rel="canonical"
cf-ray: 7f6b788bacfd9b7a-FRA

Redirect headers

Date: Mon, 14 Aug 2023 19:05:42 GMT
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIEAsypNGHHmIrtLlS5ybJD5N93xWx28baVXZvk%2F1dpOUSBvgAKJGKClP%2BtYDicf4O8KzZH6%2Fqc7bnwNsURQv7rYZYefhUQi4qMtEA71L6WvyceDSCzt61uAuttDCYgdKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://cdn.shopify.com/s/files/1/0659/0325/files/kyle_field.jpg?1819117143250975351
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
Server-Timing: cfRequestDuration;dur=10.999918
CF-RAY: 7f6b788b2a799a41-FRA
alt-svc: h3=":443"; ma=86400
Expires: Mon, 14 Aug 2023 20:05:42 GMT

GET VSIZAIANZRGNVOO.20151009142942.jpg
image.cdnllnwnl.xosnetwork.com/pics33/800/VS/ 0
0

GET
H/1.1 200
Ok counter_img.php
media.fc2.com/ 43 B
346 B 373ms
179ms Image
image/gif 104.244.99.54
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://media.fc2.com/counter_img.php?id=50
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: HTTP/1.1
Server: 104.244.99.54 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: b7f62f924ea7b82ad409df09417c32e7ace002d292675841dcfeeecc28a25925

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 19:05:43 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

/ Show response
ww1.secularcoalition.info/
Redirect Chain

http://secularcoalition.info/KmVMGc?default_keyword=cost+of+attendance+university+of+michigan+law+faculty
http://ww1.secularcoalition.info/

0
0

290ms
189ms

Script
text/html

199.59.243.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww1.secularcoalition.info/
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: HTTP/1.1
Server: 199.59.243.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

location: http://ww1.secularcoalition.info
date: Mon, 14 Aug 2023 19:05:41 GMT
cache-control: max-age=0, private, must-revalidate
server: nginx
connection: close
content-length: 11

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 63ms
18ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6F87) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:42 GMT
Content-Encoding: gzip
Age: 313
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (pab/6F87)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 cse.js Show response
cse.google.com/ 9 KB
4 KB 186ms
72ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=008587068278864670770:l6eqms_gbn0

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

3efb0b5415cbf1a3f33a5b4b3254a0b11ccb6afd8a5a187cb498d90ffe8cf529

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-ldrf6gyWoa0MX6ZSk5CBVg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-ldrf6gyWoa0MX6ZSk5CBVg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Mon, 14 Aug 2023 19:05:43 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2981
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Mon, 14 Aug 2023 19:05:43 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
54 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f22662c995e8bf36b9b76625be1c6df0e68b8bff087b2cac8d0b39fc6852c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54193
X-XSS-Protection: 0
Server: cafe
ETag: 12199361255975992814
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Mon, 14 Aug 2023 19:05:42 GMT

GET
H/1.1 200
OK / Show response
vip.chps-api.fc2.com/apis/footer/ 1 KB
1020 B 4450ms
4234ms Script
application/javascript 104.244.99.107
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL

http://vip.chps-api.fc2.com/apis/footer/?charset=UTF-8&url=http%3A%2F%2Flanterman.web.fc2.com%2F&service=0&r=17483565533

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

HTTP/1.1

Server

104.244.99.107 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

2f1062b5e1af2cc8a151377ca403596d9c62d3a11512d8d7cc821945c5329929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 19:05:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 14 Aug 2023 19:05:47 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 498
X-XSS-Protection: 1; mode=block
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK page.jpg
lanterman.web.fc2.com//images/ 261 KB
261 KB 358ms
183ms Image
image/jpeg 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lanterman.web.fc2.com//images/page.jpg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com//style.css

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

b7dad492260920af7d4a7996d2d662cca8f0d8aebef97c420eb89e5b4fc2cc9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com//style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:24:22 GMT
Server: Apache
ETag: "412ea-5666b6135c180"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 266986
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK header.png
lanterman.web.fc2.com//images/ 2 KB
2 KB 356ms
181ms Image
image/png 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lanterman.web.fc2.com//images/header.png

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com//style.css

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

e06a517c8ef78e142c00c1217c5a3e48c1c31dd55813530c225763ecf688b92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com//style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:24:01 GMT
Server: Apache
ETag: "6cb-5666b5ff55240"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 1739
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK object0.png
lanterman.web.fc2.com//images/ 12 KB
12 KB 357ms
180ms Image
image/png 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lanterman.web.fc2.com//images/object0.png

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com//style.css

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

3afca5001b290bb09b9b371385e12e24044a65eb613cb2928394a2ad0ea760d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com//style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:24:11 GMT
Server: Apache
ETag: "308c-5666b608de8c0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 12428
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK vmenuactiveitemicon.png
lanterman.web.fc2.com//images/ 1 KB
1 KB 368ms
189ms Image
image/png 104.244.99.169
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lanterman.web.fc2.com//images/vmenuactiveitemicon.png

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com//style.css

Protocol

HTTP/1.1

Server

104.244.99.169 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

Apache /

Resource Hash

d1b526c5b87c80b5d6b9ec64df85a97e40578e2cd3c91f2f039a0709b1eb02ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com//style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Mar 2018 10:24:56 GMT
Server: Apache
ETag: "4b7-5666b633c8e00"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 1207
X-XSS-Protection: 1; mode=block

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/ 372 KB
126 KB 186ms
105ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=lanterman.web.fc2.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4443b2517b8e1fe588237d126191ab9b111db65f025ac020776a4780ea732da8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128604
x-xss-protection: 0
server: cafe
etag: 3941846467843433536
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:05:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/ Frame 95A8 10 KB
5 KB 125ms
38ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4592
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 17:49:11 GMT
etag: 12368291122986407432
expires: Mon, 28 Aug 2023 17:49:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/e992cd4de3c7044f/ 309 KB
310 KB 258ms
42ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/e992cd4de3c7044f/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=008587068278864670770:l6eqms_gbn0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07d241ae62c2c40e9c20c169b35cf9bda9b3e99cba1e5ad4f86351364156c290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:06:20 GMT
x-content-type-options: nosniff
age: 17963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316773
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 17:25:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 13 Aug 2024 14:06:20 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/e992cd4de3c7044f/ 41 KB
9 KB 252ms
36ms Stylesheet
text/css 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/e992cd4de3c7044f/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=008587068278864670770:l6eqms_gbn0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:32:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9102
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 17:25:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 13 Aug 2024 16:32:43 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 256ms
41ms Stylesheet
text/css 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=008587068278864670770:l6eqms_gbn0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 14 Aug 2023 19:55:04 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
600 B 135ms
46ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=lanterman.web.fc2.com&callback=_gfp_s_&client=ca-pub-6890287250975679

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=lanterman.web.fc2.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2ec2d1fb0f4ceee0c2038971aa1a0f804c0389d55d9ec80342ef23adde9ede6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 55E9 436 B
431 B 465ms
460ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=600&slotname=3865380065&adk=2462822920&adf=233326967&pi=t.ma~as.3865380065&w=235&fwrn=4&fwrnh=100&lmt=1519982746&rafmt=1&format=235x600&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1692039942928&bpp=8&bdt=2419&idt=314&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&correlator=8464002683876&frm=20&pv=2&ga_vid=1450332216.1692039943&ga_sid=1692039943&ga_hid=806102051&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=270&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076924%2C44785292%2C44795922&oid=2&pvsid=2929847998735624&tmod=1488762475&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Pk9VWm091Y&p=http%3A//lanterman.web.fc2.com&dtd=348

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9917ac63c414a96b87415dcfe85a3c682029fab1128055606045e4c06b01cc5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:05:43 GMT
expires: Mon, 14 Aug 2023 19:05:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 666A 106 KB
37 KB 625ms
622ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&slotname=3865380065&adk=3534818277&adf=2051345969&pi=t.ma~as.3865380065&w=800&fwrn=4&fwrnh=100&lmt=1519982746&rafmt=1&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1692039942936&bpp=2&bdt=2428&idt=349&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&prev_fmts=235x600&correlator=8464002683876&frm=20&pv=1&ga_vid=1450332216.1692039943&ga_sid=1692039943&ga_hid=806102051&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076924%2C44785292%2C44795922&oid=2&pvsid=2929847998735624&tmod=1488762475&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=BPZk1eXBur&p=http%3A//lanterman.web.fc2.com&dtd=354

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9dcd0e06cbb963310011e8e6ab202bc9647754902e51f72ba396426752c9708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37194
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:05:43 GMT
expires: Mon, 14 Aug 2023 19:05:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 666A 4 KB
1 KB 133ms
48ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&slotname=3865380065&adk=3534818277&adf=2051345969&pi=t.ma~as.3865380065&w=800&fwrn=4&fwrnh=100&lmt=1519982746&rafmt=1&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1692039942936&bpp=2&bdt=2428&idt=349&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&prev_fmts=235x600&correlator=8464002683876&frm=20&pv=1&ga_vid=1450332216.1692039943&ga_sid=1692039943&ga_hid=806102051&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076924%2C44785292%2C44795922&oid=2&pvsid=2929847998735624&tmod=1488762475&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=BPZk1eXBur&p=http%3A//lanterman.web.fc2.com&dtd=354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 19:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 17:09:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 19:05:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 666A 2 KB
945 B 183ms
71ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 666A 23 KB
9 KB 183ms
72ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 666A 3 KB
1 KB 184ms
73ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:05:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 666A 20 KB
8 KB 181ms
70ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 666A 179 KB
57 KB 180ms
69ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:05:44 GMT

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame 666A 33 KB
14 KB 122ms
35ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 16:01:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Nov 2023 09:28:51 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/12588401028206759161/ Frame 666A 35 KB
36 KB 219ms
113ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12588401028206759161/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

487f9c94cb6252b4166decfc3ac738aa98e251256a3cafd9f569c18ae02ac821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:27:32 GMT
x-content-type-options: nosniff
age: 243492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36294
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 18:50:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Aug 2024 23:27:32 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11872093617410350534/ Frame 666A 6 KB
6 KB 179ms
73ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11872093617410350534/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11067491713debe19cce15506683109c51960927313cb761259868995bd6410b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 21:48:52 GMT
x-content-type-options: nosniff
age: 163012
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6066
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 23:21:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 11 Aug 2024 21:48:52 GMT

GET
DATA 200
OK truncated
/ Frame 666A 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: deb450f15cb3228d444d35174564331f60a88e39ae2e6390e3556b529b455421

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 666A 16 KB
16 KB 148ms
42ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 232235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 02:35:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 666A 15 KB
15 KB 153ms
51ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 313132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 04:06:52 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 666A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CIyYWB3vaZJedGeeB5LcPjJ-fkAm81fKncszOvefKEWQQASCr-oweYJXikIKgB6AB84_7qSnIAQmpAmqjHRtJQrI-qAMByAPLBKoE4AFP0F7QE3ZQwmd7KSNuCZibGcTD8pDHFw6KFtGRxfh...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216366195382078816550%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%...

0
0

156ms
72ms

Fetch
text/css

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216366195382078816550%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211093854195%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217171685223339919297%22}&andc=true

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"16366195382078816550","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11093854195"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"17171685223339919297"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 19:05:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 19:05:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16366195382078816550","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11093854195"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"17171685223339919297"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js Show response
pagead2.googlesyndication.com/bg/ Frame 7391 38 KB
15 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 16:15:36 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 190ms
73ms Preflight
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 19:05:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 666A 42 B
64 B 223ms
138ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTig3klgrhSWEnBjCXpp--_X4klbjKfIKM7ThTIe3C60HszqFVtTwED0c2qBiJg041XypRqMj_tllwOb4q_209IwI4jSRI-L6Xq-7xEY7W6vLAXp47i47jIoGh2UHt1t0noPp833a6xFSB&sai=AMfl-YRXZOe2BgbRkmEVLQ1sbCKNMZLmeEVqkxwg5Ys6KRQyOPRmTFbTaYZpAducIbM2eK-2vnXdpIZJ3WDS&sig=Cg0ArKJSzF40B3V7j6bMEAE&cid=CAQSGwBpAlJWkGm-FTWNOrTOUWiPeNoY2jpA1ZfZbRgB&id=lidar2&mcvt=1000&p=0,0,280,800&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3534818277&rs=2&la=0&cr=0&vs=4&r=v&rst=1692039943292&rpt=1105&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fc2_web_user_page.js Show response
static.fc2.com/fc2web/js/ 11 KB
4 KB 70ms
6ms Script
application/javascript 2a02:3d0:6:a000::3
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Requested by: Host: vip.chps-api.fc2.com
URL: http://vip.chps-api.fc2.com/apis/footer/?charset=UTF-8&url=http%3A%2F%2Flanterman.web.fc2.com%2F&service=0&r=17483565533
Protocol: HTTP/1.1
Server: 2a02:3d0:6:a000::3 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
Software: nginx /
Resource Hash: d5280d87baee55df453debab6d2cf4079a730388c6773369fffa6c44ce9f159c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 07:06:20 GMT
Server: nginx
Age: 2111
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=6000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3926
X-LLID: f14e9044647db1dfd51115694fdc5796
Expires: Mon, 14 Aug 2023 20:10:36 GMT

GET
H/1.1 200
Ok / Show response
media5.fc2.com/1187/ Frame F6CF 2 KB
1 KB 585ms
188ms Document
text/html 104.244.99.99
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://media5.fc2.com/1187/
Requested by: Host: static.fc2.com
URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.99 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: 1cb7cab5eb7626900d579c45c233bfb4e09b2e262f0c9bc31c90641dd5e6c714

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 14 Aug 2023 19:05:47 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
Ok manager.cgi Show response
textad.fc2.com/cgi-bin/ 4 KB
4 KB 556ms
176ms Script
text/javascript 104.244.99.67
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://textad.fc2.com/cgi-bin/manager.cgi?category_id=0&i=1&type=1
Requested by: Host: static.fc2.com
URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.67 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: f25418cc9ae5f313ac1404361d37cdc9f96c246e7c4b4ff78ea24b7178028ce6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:47 GMT
Server: nginx
Connection: keep-alive
Content-Length: 4163
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK fc2_header_bnr_close.gif
static.fc2.com/fc2web/image/ 972 B
1 KB 31ms
31ms Image
image/gif 2a02:3d0:6:a000::3
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.fc2.com/fc2web/image/fc2_header_bnr_close.gif
Requested by: Host: static.fc2.com
URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Protocol: HTTP/1.1
Server: 2a02:3d0:6:a000::3 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a0df713b4660ba39052ceadce6b19b9945dcc2b8aecea57d84816524eb38b14

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:47 GMT
Last-Modified: Wed, 19 Mar 2014 06:20:31 GMT
Server: nginx
Age: 529
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=6000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 972
X-LLID: 17038e29c8650461e25d408bc1b29e6b
Expires: Mon, 14 Aug 2023 20:36:58 GMT

GET
H/1.1 200
Ok counter_img.php
media.fc2.com/ 43 B
346 B 733ms
182ms Image
image/gif 104.244.99.54
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.fc2.com/counter_img.php?id=1781
Requested by: Host: static.fc2.com
URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.54 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: b7f62f924ea7b82ad409df09417c32e7ace002d292675841dcfeeecc28a25925

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 19:05:48 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
Ok counter_img.php
media.fc2.com/ 43 B
346 B 739ms
185ms Image
image/gif 104.244.99.54
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.fc2.com/counter_img.php?id=1782
Requested by: Host: static.fc2.com
URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.54 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: b7f62f924ea7b82ad409df09417c32e7ace002d292675841dcfeeecc28a25925

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 19:05:48 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fc2_bottom_bnr_close.png
static.fc2.com/fc2web/image/ 429 B
791 B 18ms
10ms Image
image/png 2a02:3d0:6:a000::3
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.fc2.com/fc2web/image/fc2_bottom_bnr_close.png
Requested by: Host: static.fc2.com
URL: http://static.fc2.com/fc2web/js/fc2_web_user_page.js?20210719
Protocol: HTTP/1.1
Server: 2a02:3d0:6:a000::3 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b20a3e55eda8ed582681eb9a05069aaaf5da9c12d9b9d6769cfc05ebb539993

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:47 GMT
Last-Modified: Wed, 19 Mar 2014 06:20:31 GMT
Server: nginx
Age: 528
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=6000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 429
X-LLID: f31d2f0120b704c1dc6006d56d6a95b5
Expires: Mon, 14 Aug 2023 20:36:59 GMT

GET
H2 200 668f540669179556b8cfb8e5a9d647f4.jpeg
storage1000-textad.fc2.com/textad/user12572/ 21 KB
22 KB 882ms
351ms Image
image/png 199.48.209.213
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storage1000-textad.fc2.com/textad/user12572/668f540669179556b8cfb8e5a9d647f4.jpeg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.48.209.213 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

nginx /

Resource Hash

26959420ff63fa61ceda84d3a420d0fb456221556aafd0ee0a7bcbdd9d1745a9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:48 GMT
content-security-policy: block-all-mixed-content
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 14:10:46 GMT
server: nginx
x-amz-request-id: 177B55050AA63415
etag: W/"c85fa96325b66f9b25f4b2301b8bc841"
vary: Accept-Encoding, Origin
content-type: image/png
x-xss-protection: 1; mode=block

GET
H2 200 a878e5f07a336ab7afb0c8207a4fed9d.jpeg
storage1000-textad.fc2.com/textad/user12572/ 9 KB
9 KB 1054ms
523ms Image
image/png 199.48.209.213
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storage1000-textad.fc2.com/textad/user12572/a878e5f07a336ab7afb0c8207a4fed9d.jpeg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.48.209.213 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

nginx /

Resource Hash

5b207e7767f10ca66eaedbaee7e5023f9c55176e70d64fcaabf58656622d5513

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:48 GMT
content-security-policy: block-all-mixed-content
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 09:54:02 GMT
server: nginx
x-amz-request-id: 177B55050AA4D1D5
etag: W/"119cd8747edd7fa245f6284f92a93009"
vary: Accept-Encoding, Origin
content-type: image/png
x-xss-protection: 1; mode=block

GET
H2 200 3bbdc7df2a557cccb41ba132f9531e26.jpeg
storage1000-textad.fc2.com/textad/user12572/ 8 KB
8 KB 1056ms
526ms Image
image/png 199.48.209.213
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storage1000-textad.fc2.com/textad/user12572/3bbdc7df2a557cccb41ba132f9531e26.jpeg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.48.209.213 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

nginx /

Resource Hash

d4e38a51951999e9847ee305ad2eb73ca98f4d367fa5f92351e6c67312738b76

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:48 GMT
content-security-policy: block-all-mixed-content
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 08:33:08 GMT
server: nginx
x-amz-request-id: 177B5505C5108FBF
etag: W/"e37e6bbfcc3982b57b3dd5069e702f44"
vary: Accept-Encoding, Origin
content-type: image/png
x-xss-protection: 1; mode=block

GET
H2 200 5c485f00d4b543b30d68813d3ea2d237.jpeg
storage1000-textad.fc2.com/textad/user12572/ 10 KB
11 KB 879ms
348ms Image
image/png 199.48.209.213
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storage1000-textad.fc2.com/textad/user12572/5c485f00d4b543b30d68813d3ea2d237.jpeg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.48.209.213 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

nginx /

Resource Hash

1e560ff025fb7a37f6ef93d80f90f336741b83316fc4a2c5fdeec023c8ddb7a0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:48 GMT
content-security-policy: block-all-mixed-content
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 08:37:54 GMT
server: nginx
x-amz-request-id: 177B555A565BEF97
etag: W/"3453b4341dc4bf7f9924472cef11d644"
vary: Accept-Encoding, Origin
content-type: image/png
x-xss-protection: 1; mode=block

GET
H2 200 bbe8a512a00466e406cde884fa2d3564.jpeg
storage1000-textad.fc2.com/textad/user12572/ 10 KB
10 KB 1056ms
526ms Image
image/png 199.48.209.213
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storage1000-textad.fc2.com/textad/user12572/bbe8a512a00466e406cde884fa2d3564.jpeg

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.48.209.213 , United States, ASN63210 (FC2-INC-2, US),

Reverse DNS

Software

nginx /

Resource Hash

ab54017c0444167aa0373b35754d99768c225d38796dd834057dcd0341f42a00

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:48 GMT
content-security-policy: block-all-mixed-content
content-encoding: gzip
last-modified: Thu, 24 Nov 2022 10:07:18 GMT
server: nginx
x-amz-request-id: 177B55538C5DCE90
etag: W/"2c9d09a5f7416e8bf918e4d9cfaabd54"
vary: Accept-Encoding, Origin
content-type: image/png
x-xss-protection: 1; mode=block

GET
H/1.1 200
Ok / Show response
media5.fc2.com/1188/ Frame 6EBE 2 KB
1 KB 207ms
187ms Document
text/html 104.244.99.99
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://media5.fc2.com/1188/
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.99 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: cb8aa63b3f73eb99a9f475b1bd8235a6ece0c5051a1cbef6fa5f9df8a208f48a

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 14 Aug 2023 19:05:48 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8DF4 455 KB
92 KB 1201ms
1198ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&adk=1812271804&adf=3025194257&lmt=1519982746&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x540_l%7C236x540_r&format=0x0&url=http%3A%2F%2Flanterman.web.fc2.com%2F&ea=0&pra=7&wgl=1&dt=1692039948006&bpp=3&bdt=7497&idt=3&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7bb4dad133dce13a-22133ef14fde006f%3AT%3D1692039943%3ART%3D1692039943%3AS%3DALNI_MbjAKIo5pY-fUnqLn9TCriQlejWBw&gpic=UID%3D00000d8b1e482593%3AT%3D1692039943%3ART%3D1692039943%3AS%3DALNI_MapxLZvDEn42EAjO1mHiddnnPyRGw&prev_fmts=235x600%2C800x280&nras=1&correlator=8464002683876&frm=20&pv=1&ga_vid=1450332216.1692039943&ga_sid=1692039943&ga_hid=806102051&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076924%2C44785292%2C44795922&oid=2&psts=AOrYGskepYAHDMlPK3U0h8lnPO9cHz9kluWc18d6-3P_k8WIQaRnQwynf-ENV8QDJ_V2Ejf4sxnKmHeFm5f4h1EefWTv2QvC&pvsid=2929847998735624&tmod=1488762475&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=37

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5418099638a4254357bb7cce19129d2f64e94dd7ffa76e793c37cf2f5e75d871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 94624
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:05:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 134ms
133ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=fc2_bottom_bnr&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 3122 320 KB
104 KB 70ms
17ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Flanterman.web.fc2.com
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6FAE) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1825
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Mon, 14 Aug 2023 19:05:48 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (pab/6FAE)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 144 KB
53 KB 84ms
46ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/e992cd4de3c7044f/cse_element__en.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00f7775e1089b06453912c640ff0bbfe8fe47aa0cf3234347332fc4479b0a727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "3674604465816539936"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Accept-Ranges: bytes
Expires: Mon, 14 Aug 2023 19:05:48 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 36ms
35ms Image
image/png 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/e992cd4de3c7044f/default+en.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/e992cd4de3c7044f/default+en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 12:04:55 GMT
x-content-type-options: nosniff
age: 284453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 10 Aug 2024 12:04:55 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 37ms
36ms Image
image/png 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:35:50 GMT
x-content-type-options: nosniff
age: 520198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 07 Aug 2024 18:35:50 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
127 B 112ms
37ms Image
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:48 GMT
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin

GET
H2

200

compass.js Show response
jgl.microad.net/js/ Frame F6CF
Redirect Chain

https://j.microad.net/js/compass.js
https://jgl.microad.net/js/compass.js

128 KB
30 KB

354ms
276ms

Script
application/javascript

14.0.41.202
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://jgl.microad.net/js/compass.js
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1187/
Protocol: H2
Server: 14.0.41.202 Osaka, Japan, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: aa7469f638262821f7ff37616788f67addec2140d47b6d4396a98d0e11391e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:49 GMT
content-encoding: gzip
via: 1.1 PSrbJP1ww66:0 (W), 1.1 PSrbdbOSA1rw96:11 (W)
last-modified: Tue, 11 Jul 2023 01:36:36 GMT
server: PWS/8.3.1.0.8
etag: "1ff4f-gzip"
x-ws-request-id: 64da7b0d_PSrbdbOSA1rw96_44379-24402
content-type: application/javascript
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
cache-control: max-age=604800
x-px: ht PSrbdbOSA1rw96KIX
accept-ranges: bytes
content-length: 29980
expires: Fri, 18 Aug 2023 01:44:40 GMT

Redirect headers

date: Mon, 14 Aug 2023 19:05:48 GMT
via: 1.0 PSrbdbOSA1rw96:10 (W)
server: PWS/8.3.1.0.8
x-ws-request-id: 64da7b0c_PSrbdbOSA1rw96_44379-24373
location: https://jgl.microad.net/js/compass.js
access-control-allow-origin: *
cache-control: no-cache
x-px: -
content-length: 0

GET
H/1.1 200
OK ajax.module.js Show response
media5.fc2.com/js/ Frame F6CF 2 KB
2 KB 292ms
192ms Script
application/javascript 104.244.99.99
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://media5.fc2.com/js/ajax.module.js
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1187/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.99 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: 08594aa8f6b8760ac36e53b99ddd70973dfc79447a1fc993a746ac975bd64565

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/1187/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:48 GMT
Last-Modified: Wed, 03 Jun 2020 10:26:22 GMT
Server: nginx
ETag: "5ed77ace-63b"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1595

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3122 869 B
658 B 145ms
114ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=850da8c1e30518d4c3c3e9467b3811fe4000a2e1

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Flanterman.web.fc2.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time: 107
date: Mon, 14 Aug 2023 19:05:47 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Mon, 14 Aug 2023 19:05:48 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: ef88d02c9dbe88c2
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143934
x-connection-hash: 30b0641ffd4b4a7efc70cb9b1350b34a6c63b67d6c02cd697c220c13d5f3c250
content-length: 337

GET
H2

200

compass.js Show response
jgl.microad.net/js/ Frame 6EBE
Redirect Chain

https://j.microad.net/js/compass.js
https://jgl.microad.net/js/compass.js

128 KB
30 KB

398ms
320ms

Script
application/javascript

14.0.41.202
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://jgl.microad.net/js/compass.js
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1188/
Protocol: H2
Server: 14.0.41.202 Osaka, Japan, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: aa7469f638262821f7ff37616788f67addec2140d47b6d4396a98d0e11391e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:49 GMT
content-encoding: gzip
via: 1.1 PSrbJP1ww66:0 (W), 1.1 PSrbdbOSA1gs91:12 (W)
last-modified: Tue, 11 Jul 2023 01:36:36 GMT
server: PWS/8.3.1.0.8
etag: "1ff4f-gzip"
x-ws-request-id: 64da7b0d_PSrbdbOSA1rw96_44379-24403
content-type: application/javascript
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
cache-control: max-age=604800
x-px: ht PSrbdbOSA1gs91KIX
accept-ranges: bytes
content-length: 29980
expires: Fri, 18 Aug 2023 01:43:43 GMT

Redirect headers

date: Mon, 14 Aug 2023 19:05:48 GMT
via: 1.0 PSrbdbOSA1ap90:7 (W)
server: PWS/8.3.1.0.8
x-ws-request-id: 64da7b0c_PSrbdbOSA1rw96_44379-24374
location: https://jgl.microad.net/js/compass.js
access-control-allow-origin: *
cache-control: no-cache
x-px: -
content-length: 0

GET
H/1.1 200
OK ajax.module.js Show response
media5.fc2.com/js/ Frame 6EBE 2 KB
2 KB 338ms
185ms Script
application/javascript 104.244.99.99
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://media5.fc2.com/js/ajax.module.js
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1188/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.99 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: 08594aa8f6b8760ac36e53b99ddd70973dfc79447a1fc993a746ac975bd64565

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/1188/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:48 GMT
Last-Modified: Wed, 03 Jun 2020 10:26:22 GMT
Server: nginx
ETag: "5ed77ace-63b"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1595

GET
H/1.1 200
OK timeline.16b53cc33aaa562f8f41a495bf720289.js Show response
platform.twitter.com/js/ 8 KB
4 KB 1763ms
1763ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.16b53cc33aaa562f8f41a495bf720289.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6FA0) /
Resource Hash: 7cccd8f78bd73c79f1281052eb4c9bdf6f38386fca206da9954fdf24ab0784af

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:50 GMT
Content-Encoding: gzip
Age: 1816
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2964
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
Server: ECS (pab/6FA0)
Etag: "569768187d20181e1cdea6aa19f3a4b4+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 cookie_loader.html Show response
cache.send.microadinc.com/js/ Frame E50C 2 KB
2 KB 93ms
16ms Document
text/html 52.84.174.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microadinc.com/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.174.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-174-105.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: https://media5.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 71563
content-length: 1909
content-type: text/html
date: Mon, 14 Aug 2023 04:30:05 GMT
etag: "10cf9c751f3fdad8c8784c6bf8cee57a"
last-modified: Thu, 28 Oct 2021 12:57:38 GMT
server: AmazonS3
via: 1.1 19d683585ba961e1ecbb57668eec0a62.cloudfront.net (CloudFront)
x-amz-cf-id: 0_KCLXSsj8FtBMIL1rqMxcLHynlCoFIsyfeg3fIgeolK5E6jIjXK-A==
x-amz-cf-pop: CDG50-P1
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7
x-cache: Hit from cloudfront

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ Frame F6CF 6 KB
3 KB 58ms
7ms Script
application/javascript 2a02:26f0:480:25::1726:620a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:620a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Mon, 14 Aug 2023 19:05:49 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/ 154 KB
52 KB 139ms
139ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b786a6f63e1e7fdb6c1e3ed5540e42525ef8a8f2201dbe6edcf34c684e9f83f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lanterman.web.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53701
x-xss-protection: 0
server: cafe
etag: 11557671097352598135
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:05:49 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1A28 94 KB
37 KB 756ms
756ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&adk=1221782170&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1692039949361&bpp=1&bdt=8852&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7bb4dad133dce13a-22133ef14fde006f%3AT%3D1692039943%3ART%3D1692039943%3AS%3DALNI_MbjAKIo5pY-fUnqLn9TCriQlejWBw&gpic=UID%3D00000d8b1e482593%3AT%3D1692039943%3ART%3D1692039943%3AS%3DALNI_MapxLZvDEn42EAjO1mHiddnnPyRGw&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=8464002683876&frm=20&pv=1&ga_vid=1450332216.1692039943&ga_sid=1692039943&ga_hid=806102051&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=3096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076924%2C44785292%2C44795922&oid=2&psts=AOrYGskepYAHDMlPK3U0h8lnPO9cHz9kluWc18d6-3P_k8WIQaRnQwynf-ENV8QDJ_V2Ejf4sxnKmHeFm5f4h1EefWTv2QvC&pvsid=2929847998735624&tmod=1488762475&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=njHK4gkzcI&p=http%3A//lanterman.web.fc2.com&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

611a81747d7d108c022ef7aeae2ed759d23d62438d14378732be76702bed4eb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 38356
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:05:50 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ Frame F6CF 3 KB
3 KB 805ms
262ms Script
text/javascript 202.233.84.9
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=93a2ec9f57837adb360556712d6b9a91&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fmedia5.fc2.com%2F1187%2F&referrer=http%3A%2F%2Flanterman.web.fc2.com%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=2053d30ed796de0189f570ac4c

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.9 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

45cfa9780ba1e60cee8743e7e63666d843082ba30e58b8242644bbfb1f1b5aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:50 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: text/javascript;charset=UTF-8
Connection: close
Content-Length: 2582
X-XSS-Protection: 1; mode=block

GET
H2 200 cookie_loader.html Show response
cache.send.microadinc.com/js/ Frame C8EA 2 KB
2 KB 15ms
15ms Document
text/html 52.84.174.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microadinc.com/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.174.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-174-105.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: https://media5.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 71563
content-length: 1909
content-type: text/html
date: Mon, 14 Aug 2023 04:30:05 GMT
etag: "10cf9c751f3fdad8c8784c6bf8cee57a"
last-modified: Thu, 28 Oct 2021 12:57:38 GMT
server: AmazonS3
via: 1.1 19d683585ba961e1ecbb57668eec0a62.cloudfront.net (CloudFront)
x-amz-cf-id: COTgG-9Oxh2lt7YB5_fiwT3FXCfbz23-AT835XYI5WalpaYuhoZQGA==
x-amz-cf-pop: CDG50-P1
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7
x-cache: Hit from cloudfront

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ Frame 6EBE 6 KB
3 KB 7ms
7ms Script
application/javascript 2a02:26f0:480:25::1726:620a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:620a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Mon, 14 Aug 2023 19:05:49 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ Frame F6CF 10 B
182 B 301ms
256ms XHR
application/json 2600:1901:0:e207::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=1011503&vid=01H7TQ1B2NG4Q5X1SPFJQ83VKN
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: https://media5.fc2.com
date: Mon, 14 Aug 2023 19:05:49 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H2 200 sync Show response
gum.criteo.com/ Frame E50C 45 B
287 B 51ms
16ms Script
text/javascript 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=46&r=2&j=handleData

Requested by

Host: cache.send.microadinc.com
URL: https://cache.send.microadinc.com/js/cookie_loader.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f82eeb7d741fcdd22be2f05939c7196ba620b539243541c6a56ab6cd62462613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cache.send.microadinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:48 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 214271
expires: 60

GET
H2 200 sync Show response
gum.criteo.com/ Frame C8EA 45 B
286 B 43ms
17ms Script
text/javascript 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=46&r=2&j=handleData

Requested by

Host: cache.send.microadinc.com
URL: https://cache.send.microadinc.com/js/cookie_loader.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f82eeb7d741fcdd22be2f05939c7196ba620b539243541c6a56ab6cd62462613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cache.send.microadinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:48 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 456790
expires: 60

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ Frame 6EBE 3 KB
3 KB 773ms
260ms Script
text/javascript 202.233.84.9
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=793761e06e731a9b432e33760ab1c55d&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fmedia5.fc2.com%2F1188%2F&referrer=http%3A%2F%2Flanterman.web.fc2.com%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=dbdd649fceec200189f570ac6d

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.9 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

3c8408b40044e883fc448e7cb39357a3ba58dbaff7048853d138bb790d1e2961

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:50 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: text/javascript;charset=UTF-8
Connection: close
Content-Length: 2567
X-XSS-Protection: 1; mode=block

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/ Frame 8CB5 10 KB
4 KB 38ms
38ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 01:02:56 GMT
etag: 12368291122986407432
expires: Mon, 28 Aug 2023 01:02:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/ Frame 4300 10 KB
4 KB 38ms
38ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 01:02:56 GMT
etag: 12368291122986407432
expires: Mon, 28 Aug 2023 01:02:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/ Frame D050 10 KB
4 KB 38ms
38ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lanterman.web.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 01:02:56 GMT
etag: 12368291122986407432
expires: Mon, 28 Aug 2023 01:02:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 8CB5 4 KB
767 B 59ms
58ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 19:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 18:07:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 19:05:49 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8CB5 205 B
520 B 38ms
37ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 02:55:22 GMT
x-content-type-options: nosniff
age: 490227
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 08 Aug 2024 02:55:22 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8CB5 604 B
695 B 39ms
37ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 02:59:57 GMT
x-content-type-options: nosniff
age: 57952
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 13 Aug 2024 02:59:57 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/ Frame 8CB5 15 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29d66372a3c96dcd72388bd1bc1d1e69d704c97b9a35dbf2b231b64a7e0e80d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:48:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6441
x-xss-protection: 0
server: cafe
etag: 14691725014340836395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 00:48:22 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/ Frame 8CB5 20 KB
8 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 23:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8576
x-xss-protection: 0
server: cafe
etag: 10593844011591499743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 23:58:53 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 4300 2 KB
931 B 36ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 4300 23 KB
9 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 4300 3 KB
1 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:05:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4217 1 KB
643 B 51ms
50ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34602
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 09:29:07 GMT
etag: 48472445140208031
expires: Tue, 15 Aug 2023 09:29:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 4300 20 KB
8 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4300 179 KB
56 KB 54ms
48ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:05:49 GMT

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame 4300 33 KB
14 KB 49ms
43ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 16:01:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Nov 2023 09:28:51 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame D050 2 KB
926 B 35ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame D050 23 KB
9 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame D050 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:05:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 745A 1 KB
643 B 39ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34602
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 09:29:07 GMT
etag: 48472445140208031
expires: Tue, 15 Aug 2023 09:29:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame D050 20 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D050 0
0 47ms
46ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzULQy7TZTy1pzRwIt9eaZJwp-WxyjJHNOepObHZIuUosM4yJ0Z8rgRSh9o9srXrhPvoRsDzii6DogHqOVgexnpEJvMw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D050 179 KB
56 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:05:49 GMT

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame D050 33 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 16:01:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Nov 2023 09:28:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 95AF 14 KB
1 KB 252ms
251ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Aug 2023 19:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 17:12:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Aug 2023 19:05:49 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 95AF 2 KB
892 B 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 95AF 23 KB
9 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7106 143 B
166 B 40ms
39ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 18:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 95AF 3 KB
1 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:05:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 67D8 1 KB
643 B 40ms
39ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34602
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 09:29:07 GMT
etag: 48472445140208031
expires: Tue, 15 Aug 2023 09:29:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 95AF 20 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 95AF 0
0 46ms
46ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRcNRzytkDaOxSZyccG1tkM3b-XX_srpA3r8wmPj99_8eQDF3nG5rthhjVlPHHi2ulq8LTJBt367XEmO59GZUxbFRejDA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 95AF 179 KB
56 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:05:49 GMT

GET
H3 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame 95AF 33 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 16:01:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Nov 2023 09:28:51 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4217
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELwOsO62xUcVUzRWka5RX3A&google_cver=1&google_push=AXcoOmQrg4AEqz0pmRqKhvqL9G16SqBKGYoy7N8LZFnhqNxWfl8UFoky8Tzq66juUp6GAA4utKpCi0VeyWQYlS7ppIC4N8f_fzBXHQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzg0Mzc0MDYyNDIzMTUwMjI3Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELwOsO62xUcVUzRWka5RX3A&google_cver=1

43 B
398 B

71ms
16ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELwOsO62xUcVUzRWka5RX3A&google_cver=1
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELwOsO62xUcVUzRWka5RX3A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 4217 0
104 B 278ms
67ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHo7uqxUP3IxGIoabmQenrw&google_cver=1&google_push=AXcoOmSnbry2xzQmd1PNARzEEidfjIec7-691B6S4Jz1ozMVhXlvYVuyPi81n-mhPl1u8Hu-REXrBWZTLfeFrMbNs9HHSFC2W7tW2w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4217
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEeGxqQVdCGf4leVi0gILrc&google_push=AXcoOmRM5CanhI1FshC-iuTs_qlDGtJaUS9ezNQw3dXOcYp5214VdYqj3A...

170 B
232 B

50ms
49ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEeGxqQVdCGf4leVi0gILrc&google_push=AXcoOmRM5CanhI1FshC-iuTs_qlDGtJaUS9ezNQw3dXOcYp5214VdYqj3AoSrgjhwTNqc9RREZAxOt2KXrAApr-qlSgYmmrNgjyY

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230085-FRA
pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1692039950.805059,VS0,VE90
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEeGxqQVdCGf4leVi0gILrc&google_push=AXcoOmRM5CanhI1FshC-iuTs_qlDGtJaUS9ezNQw3dXOcYp5214VdYqj3AoSrgjhwTNqc9RREZAxOt2KXrAApr-qlSgYmmrNgjyY
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 4217 70 B
264 B 123ms
49ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJVTS583HHt8wSxRp2KWjMM&google_cver=1&google_push=AXcoOmTLrsVm9uaF16ve1jRefYK8EZWnI1avAawDhwe7yXkjaP1TTV-U1K8jNZ3qkNlnboTRf3WYwXrNSbQ0PM_oN4o4lBY0P23p-g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
x.bidswitch.net/ Frame 4217 43 B
146 B 34ms
7ms Image
image/gif 52.28.179.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGtLdRRyJ4ESfo7_rVqjKPo&google_cver=1&google_push=AXcoOmR1WzFh-Smlqkfu-B3W-yT66POrH28JF_QggP5M_LHl7SuO6AbJJhUs3xjIb8Ex-vBrtrG0V1owQaf0dXhsX9hUC1mKM_Jklw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.179.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-179-48.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 4217 43 B
363 B 55ms
15ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT08DvNDLKVLisEOUdwYdazwB1MkhFFp6JHHzNi3oOYigb2Zm9BTf3Z1CsvYLsGHvPWdPWihx5IrzA3adqUSRFpEaGdX0sr5A&google_gid=CAESEBC3ISewyS-IO-uBl5AD12A&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 279643
expires: Mon, 14 Aug 2023 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 4217
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECvsSOyul6By...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmS3xthlhZBEo33DjPbVe_r4u6eWkSenLNlaWOb6UuYYH5Y_Vl4COC6eovSLNWUPtk0_uDYS7k1Xhwf2-xMjXPJhBEPvAhhed9o
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

37ms
37ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Mon, 14 Aug 2023 19:05:49 GMT
pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4217 0
130 B 147ms
46ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IBIiyYdmF09iZs1zxVnaFDFVcypcA93onMUVKI2Cz-gRvNFevhYI3xqviH9Z6wP0ojutEEHA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 745A
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELwOsO62xUcVUzRWka5RX3A&google_cver=1&google_push=AXcoOmSBQHGp39RNbbl4MBuOgfAjOwKCzn48zcUP-L_Pwfvval7bGiNbjaQP-14FZH238jIVBXMk6IAh4OXRIUwKntwgMq14Rkm3P...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODA1OTkxMzQwNjM0NTI4NjA4MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELwOsO62xUcVUzRWka5RX3A&google_cver=1

43 B
398 B

70ms
15ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELwOsO62xUcVUzRWka5RX3A&google_cver=1
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELwOsO62xUcVUzRWka5RX3A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 745A 0
103 B 243ms
67ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHo7uqxUP3IxGIoabmQenrw&google_cver=1&google_push=AXcoOmSefajEZCQik7U2fPr78ZcxMBb6TjD43zWVIlxCiQr9EZG7oij6iydXjrkpHWa16EuW4hIV9JFbnUk2grpod4U6h0_paixcV7XoNB2G7kpNgRRR6zo74ylFFFJUoQA8T8FvteVdzviAf7dh_oBeeXwrzOc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 745A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHeNYSRoAuyQzV4rLQOGqD4&google_cver=1&google_push=AXcoOmTu3tA6cJ9lo4KEFDlsraE9TlRtDCGhsko77U-nsJ_g6PN0kyacdk6W0rAp5PErfo9gminYL5_rp3EVqG5W...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTu3tA6cJ9lo4KEFDlsraE9TlRtDCGhsko77U-nsJ_g6PN0kyacdk6W0rAp5PErfo9gminYL5_rp3EVqG5Wj8J_QhcwwnpgIe8dRoVb7PRMqUyowl...

170 B
232 B

49ms
48ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTu3tA6cJ9lo4KEFDlsraE9TlRtDCGhsko77U-nsJ_g6PN0kyacdk6W0rAp5PErfo9gminYL5_rp3EVqG5Wj8J_QhcwwnpgIe8dRoVb7PRMqUyowl-5LVwO3eX7XnwZ5cJB08JGSVf_BRFrbgw5RhXHHQs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 14 Aug 2023 19:05:49 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x27 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTu3tA6cJ9lo4KEFDlsraE9TlRtDCGhsko77U-nsJ_g6PN0kyacdk6W0rAp5PErfo9gminYL5_rp3EVqG5Wj8J_QhcwwnpgIe8dRoVb7PRMqUyowl-5LVwO3eX7XnwZ5cJB08JGSVf_BRFrbgw5RhXHHQs
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 14 Aug 2023 19:05:48 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 745A
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIUc11xOwVIM-p0FQRbWaVY&google_cver=1&google_push=AXcoOmQ3ue0c44UwQcxd5qvG7PwcSdQptiYXDMh9nCwkKk9RSlcWpAr-kSYmRLo3t2YmWtVxH4m9gfnGP9F5LHnFoG5LhpT-dXlqT...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIUc11xOwVIM-p0FQRbWaVY&google_cver=1&google_push=AXcoOmQ3ue0c44UwQcxd5qvG7PwcSdQptiYXDMh9nCwkKk9RSlcWpAr-kSYmRLo3t2YmWtVxH4m9gfnGP9F5LHnFoG5LhpT-dXl...

43 B
432 B

201ms
178ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIUc11xOwVIM-p0FQRbWaVY&google_cver=1&google_push=AXcoOmQ3ue0c44UwQcxd5qvG7PwcSdQptiYXDMh9nCwkKk9RSlcWpAr-kSYmRLo3t2YmWtVxH4m9gfnGP9F5LHnFoG5LhpT-dXlqTvb1-T8OEJMlC8FTguVrMSz7g3GFqKLlj_Yd0edDB6ldon868C4TPC7MWoo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ3ue0c44UwQcxd5qvG7PwcSdQptiYXDMh9nCwkKk9RSlcWpAr-kSYmRLo3t2YmWtVxH4m9gfnGP9F5LHnFoG5LhpT-dXlqTvb1-T8OEJMlC8FTguVrMSz7g3GFqKLlj_Yd0edDB6ldon868C4TPC7MWoo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:50 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f6b78b8492f6903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:50 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 257
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIUc11xOwVIM-p0FQRbWaVY&google_cver=1&google_push=AXcoOmQ3ue0c44UwQcxd5qvG7PwcSdQptiYXDMh9nCwkKk9RSlcWpAr-kSYmRLo3t2YmWtVxH4m9gfnGP9F5LHnFoG5LhpT-dXlqTvb1-T8OEJMlC8FTguVrMSz7g3GFqKLlj_Yd0edDB6ldon868C4TPC7MWoo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ3ue0c44UwQcxd5qvG7PwcSdQptiYXDMh9nCwkKk9RSlcWpAr-kSYmRLo3t2YmWtVxH4m9gfnGP9F5LHnFoG5LhpT-dXlqTvb1-T8OEJMlC8FTguVrMSz7g3GFqKLlj_Yd0edDB6ldon868C4TPC7MWoo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f6b78b68e806903-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 745A 70 B
265 B 68ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJVTS583HHt8wSxRp2KWjMM&google_cver=1&google_push=AXcoOmTAE8wognk_t_I8rgzOqdv2w24mcE9nVTXhfGVkSDUC56lPMkkT5VgXJqJ3wf0N90b71_UcOnZv2QwKQvHO9D4dKqUufb25mv8teKfhNv6EBHLO_dobbbnjTTXI3mcaSq5VUIxOX84a7wXENiCZj13VmNs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 745A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAPsneA9_z8okCFs34BPmuc&google_cver=1&google_push=AXcoOmTFgBMg_jpn-Tlyt18fUxao1Wnngp-pimyRyEV2T7s55GF8EgqmKTJMqcnOYMCh0gb8ZdKp6IYI...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAPsneA9_z8okCFs34BPmuc&google_cver=1&google_push=AXcoOmTFgBMg_jpn-Tlyt18fUxao1Wnngp-pimyRyEV2T7s55GF8EgqmKTJMqcnOYMCh0gb8ZdK...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjk4Njk1NjI4OTIxNjgyODE2MA&google_push=AXcoOmTFgBMg_jpn-Tlyt18fUxao1Wnngp-pimyRyEV2T7s55GF8EgqmKTJMqcnOYMCh0gb8ZdKp6I...

170 B
188 B

53ms
52ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjk4Njk1NjI4OTIxNjgyODE2MA&google_push=AXcoOmTFgBMg_jpn-Tlyt18fUxao1Wnngp-pimyRyEV2T7s55GF8EgqmKTJMqcnOYMCh0gb8ZdKp6IYIWbPUivA_BbKF16LS60y_L3cLXIaUBSQLj7FJQxkn7m4Q1o_diFufUsBQc9WRNBGvz6TO6e-efKezzGI

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjk4Njk1NjI4OTIxNjgyODE2MA&google_push=AXcoOmTFgBMg_jpn-Tlyt18fUxao1Wnngp-pimyRyEV2T7s55GF8EgqmKTJMqcnOYMCh0gb8ZdKp6IYIWbPUivA_BbKF16LS60y_L3cLXIaUBSQLj7FJQxkn7m4Q1o_diFufUsBQc9WRNBGvz6TO6e-efKezzGI
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 745A
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEEajhadNNgV_yBU1mIGSrHo&google_cver=1&google_push=AXcoOmS31Qp0eYZogirSTFdJc4D95EAErs_gpp6XchV5152jYpl-AwSSWlj4IFKGCb...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmS31Qp0eYZogirSTFdJc4D95EAErs_gpp6XchV5152jYpl-AwSSWlj4IFKGCbJi0CfhdMsFmRsfEOfCerUB8girAOXy1n9sV2NUBJrdwE29y2...

170 B
243 B

47ms
47ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmS31Qp0eYZogirSTFdJc4D95EAErs_gpp6XchV5152jYpl-AwSSWlj4IFKGCbJi0CfhdMsFmRsfEOfCerUB8girAOXy1n9sV2NUBJrdwE29y2qfKaJDt9Lf6VU-XFx5rv2W0j6vPOrc0yz-scsxnTaYkOY&google_hm=17bLBAZNTnibcBGwFnGCAbA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmS31Qp0eYZogirSTFdJc4D95EAErs_gpp6XchV5152jYpl-AwSSWlj4IFKGCbJi0CfhdMsFmRsfEOfCerUB8girAOXy1n9sV2NUBJrdwE29y2qfKaJDt9Lf6VU-XFx5rv2W0j6vPOrc0yz-scsxnTaYkOY&google_hm=17bLBAZNTnibcBGwFnGCAbA
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 745A 0
40 B 112ms
48ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IO2MAbmPLnA259qvt3kpsmB3jg7BxamZaCNNoLD7oiZi3jNx4GbyEpDUxVo71GhSKk_cXfvg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 6366577050654100567
tpc.googlesyndication.com/daca_images/simgad/ Frame 4300 30 KB
30 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/6366577050654100567?w=360&h=720

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7dc84af572a7ed5756c3c6d32d3c8ba09df03653d3df6daa5651105dc0d6552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:13:53 GMT
x-content-type-options: nosniff
age: 129116
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30769
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 19:09:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 20 Aug 2023 07:13:53 GMT

GET
DATA 200
OK truncated
/ Frame 4300 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8aaaccc6cca0dc29a1019cbdb983a6b546648a09cca0e31f4751ed4ce0073258

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 67D8 35 B
463 B 80ms
8ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECDyr8KWFqkj-PL2aAYuswk&google_cver=1&google_push=AXcoOmSqGuGjnwDn66PGSoq4919gcVPsS8FUwjrS_8DuCMTCLXutxR11aubemFP7H4UIZv5GGWVb-T0OyiaN87G9LqaXJLfAhX4p4Scv

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 67D8
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIUc11xOwVIM-p0FQRbWaVY&google_cver=1&google_push=AXcoOmTmXpYwoe1hFfGYHs-FKgYVS5Rc5qmoifi0dtcGn7Ho1WRgu7NlYnGp4GN9C6kXJsGifrE5LgpTvB13jy2LKwZRBGZT8PKD6...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIUc11xOwVIM-p0FQRbWaVY&google_cver=1&google_push=AXcoOmTmXpYwoe1hFfGYHs-FKgYVS5Rc5qmoifi0dtcGn7Ho1WRgu7NlYnGp4GN9C6kXJsGifrE5LgpTvB13jy2LKwZRBGZT8PK...

43 B
410 B

197ms
196ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIUc11xOwVIM-p0FQRbWaVY&google_cver=1&google_push=AXcoOmTmXpYwoe1hFfGYHs-FKgYVS5Rc5qmoifi0dtcGn7Ho1WRgu7NlYnGp4GN9C6kXJsGifrE5LgpTvB13jy2LKwZRBGZT8PKD6Fh1&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTmXpYwoe1hFfGYHs-FKgYVS5Rc5qmoifi0dtcGn7Ho1WRgu7NlYnGp4GN9C6kXJsGifrE5LgpTvB13jy2LKwZRBGZT8PKD6Fh1%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:50 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f6b78b849356903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:50 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 2041
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIUc11xOwVIM-p0FQRbWaVY&google_cver=1&google_push=AXcoOmTmXpYwoe1hFfGYHs-FKgYVS5Rc5qmoifi0dtcGn7Ho1WRgu7NlYnGp4GN9C6kXJsGifrE5LgpTvB13jy2LKwZRBGZT8PKD6Fh1&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTmXpYwoe1hFfGYHs-FKgYVS5Rc5qmoifi0dtcGn7Ho1WRgu7NlYnGp4GN9C6kXJsGifrE5LgpTvB13jy2LKwZRBGZT8PKD6Fh1%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f6b78b6df5b6903-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 67D8
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEOykj36sZGNod90OrHZEzYw&google_cver=1&google_push=AXcoOmRXiMCbxnTuOAlhf5NEAEJFv1dh6M35XZqe6JAAwxqh7wmHkTANyQ2-t1aF__Qx5dJTUVbaPFrytA5MHBy0BvelKEBfNCs0O8uU
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmRXiMCbxnTuOAlhf5NEAEJFv1dh6M35XZqe6JAAwxqh7wmHkTANyQ2-t1aF__Qx5dJTUVbaPFrytA5MHBy0BvelKEBfNCs0O8uU&google_hm=Q0FFU0VPeWtqMzZzW...

170 B
188 B

55ms
55ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmRXiMCbxnTuOAlhf5NEAEJFv1dh6M35XZqe6JAAwxqh7wmHkTANyQ2-t1aF__Qx5dJTUVbaPFrytA5MHBy0BvelKEBfNCs0O8uU&google_hm=Q0FFU0VPeWtqMzZzWkdOb2Q5ME9ySFpFell3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 19:05:49 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmRXiMCbxnTuOAlhf5NEAEJFv1dh6M35XZqe6JAAwxqh7wmHkTANyQ2-t1aF__Qx5dJTUVbaPFrytA5MHBy0BvelKEBfNCs0O8uU&google_hm=Q0FFU0VPeWtqMzZzWkdOb2Q5ME9ySFpFell3
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 67D8 0
98 B 68ms
21ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmS1RIYgiQfWYiGb31_jrjH7KKETtBthkmKU39vSN_oGH1_bV_kwqfLyuQJWdyGFBuo_QNxTysq0fhpkBdG0bA2-vhnNQHGFg1Lf&google_gid=CAESEE-7XbxgCjwKDFqgrDPt3h8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 67D8
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAPsneA9_z8okCFs34BPmuc&google_cver=1&google_push=AXcoOmSYJrf29iGX43jGctzCAuGJs17As_-QiTwm3BwFkgbodz_kQ1MsM8bx2N3Es2-ITPYv5WhZ60u1...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAPsneA9_z8okCFs34BPmuc&google_cver=1&google_push=AXcoOmSYJrf29iGX43jGctzCAuGJs17As_-QiTwm3BwFkgbodz_kQ1MsM8bx2N3Es2-ITPYv5Wh...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDczNjE2MjgzMTQ5NTQyOTkyMg&google_push=AXcoOmSYJrf29iGX43jGctzCAuGJs17As_-QiTwm3BwFkgbodz_kQ1MsM8bx2N3Es2-ITPYv5WhZ60...

170 B
188 B

53ms
53ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDczNjE2MjgzMTQ5NTQyOTkyMg&google_push=AXcoOmSYJrf29iGX43jGctzCAuGJs17As_-QiTwm3BwFkgbodz_kQ1MsM8bx2N3Es2-ITPYv5WhZ60u1FoveQDr-8R_icQI7i2V7VvlJ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDczNjE2MjgzMTQ5NTQyOTkyMg&google_push=AXcoOmSYJrf29iGX43jGctzCAuGJs17As_-QiTwm3BwFkgbodz_kQ1MsM8bx2N3Es2-ITPYv5WhZ60u1FoveQDr-8R_icQI7i2V7VvlJ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame 67D8 43 B
297 B 204ms
25ms Image
image/gif 2a05:d01c:1d8:8100:52d1:b8b3:a311:ae99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEJwUrh_U1y2t5O8IZhYn-x0&google_cver=1&google_push=AXcoOmTfFPRlQQ2gPq2m9lWTJHiV8mCSyAVg7xSPx0d47HCad5_TxxZKK81qoP8711CcMu9R3vMFpDDLEczcxzG2IRrxfGOiYvBOzDo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:52d1:b8b3:a311:ae99 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 14 Aug 2023 19:05:50 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 67D8
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEEajhadNNgV_yBU1mIGSrHo&google_cver=1&google_push=AXcoOmT4VQYlt77Za_cX5zwTaJyuUGQM7_VQ0859ckIocUPDWfXamuzVyY3LD91QK2...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT4VQYlt77Za_cX5zwTaJyuUGQM7_VQ0859ckIocUPDWfXamuzVyY3LD91QK2QF3E9eGFZa_DZUtz6XavVqjSKu4hvwiobQBUou0Q&google_...

170 B
232 B

51ms
48ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT4VQYlt77Za_cX5zwTaJyuUGQM7_VQ0859ckIocUPDWfXamuzVyY3LD91QK2QF3E9eGFZa_DZUtz6XavVqjSKu4hvwiobQBUou0Q&google_hm=17bLBAZNTnibcBGwFnGCAbA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT4VQYlt77Za_cX5zwTaJyuUGQM7_VQ0859ckIocUPDWfXamuzVyY3LD91QK2QF3E9eGFZa_DZUtz6XavVqjSKu4hvwiobQBUou0Q&google_hm=17bLBAZNTnibcBGwFnGCAbA
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 67D8 0
40 B 50ms
48ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JtT-a0L2gpg2UT8UDK9ngoe7Ma3CUguqPrfaMpJWeE5f6Z3H-Vge5kZ6VTlqJn8wb1hTe4_g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js Show response
pagead2.googlesyndication.com/bg/ Frame 90A0 38 KB
15 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 16:15:36 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7106
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

55ms
54ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:05:49 GMT
expires: Mon, 14 Aug 2023 19:05:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:05:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4300
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C_W7UDHvaZKa2CZCBkwP8oJLwAZit3p1yvM_auuQRlfPJmY0OEAEgq_qMHmCV4pCCoAegAbmiyPMpyAEBqAMByAPLBKoE1wFP0MxkKOlHL0YCvY8EEjYHtaUE8nZ4_JOTNOnCiYXlL3TuCKM...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222624924470830973510%22,%22debug_reporting%22:true,%22destination%22:%22https://tenlira.net%22,%22event_report_window%22:%2...

0
0

73ms
73ms

Fetch
text/css

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222624924470830973510%22,%22debug_reporting%22:true,%22destination%22:%22https://tenlira.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211248210233%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22625353698504211521%22}&andc=true

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:50 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2624924470830973510","debug_reporting":true,"destination":"https://tenlira.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11248210233"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"625353698504211521"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 19:05:50 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 19:05:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2624924470830973510","debug_reporting":true,"destination":"https://tenlira.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11248210233"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"625353698504211521"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 12313191165985378467
tpc.googlesyndication.com/daca_images/simgad/ Frame D050 23 KB
23 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/12313191165985378467?w=360&h=720

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bca5990a07b3dc4fde2d6205ffb47d8b3edbe229390491f2071e4aace15f0e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 23:33:07 GMT
x-content-type-options: nosniff
age: 70362
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23151
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 18:14:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 20 Aug 2023 23:33:07 GMT

GET
DATA 200
OK truncated
/ Frame D050 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d9f44ba07e71df2f22693694583c35883be2fc3c2c2473d7cce521a039752e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js Show response
pagead2.googlesyndication.com/bg/ Frame F072 38 KB
15 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 16:15:36 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D050
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CT6ncDHvaZKe2CZCBkwP8oJLwAcz0_Kxy1f3n_IsRjtGZwZkOEAEgq_qMHmCV4pCCoAegAZGjs6IpyAEBqAMByAPLBKoE2AFP0F_HIfFRCQNOSwJcVnCKhOj0c4ML4sCrlMTMqybiiAobLH7...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217483536776511705666%22,%22debug_reporting%22:true,%22destination%22:%22https://helpwire.com%22,%22event_report_window%22:...

0
0

74ms
74ms

Fetch
text/css

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217483536776511705666%22,%22debug_reporting%22:true,%22destination%22:%22https://helpwire.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211077996945%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223062771325303834065%22}&andc=true

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:50 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17483536776511705666","debug_reporting":true,"destination":"https://helpwire.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11077996945"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"3062771325303834065"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 19:05:50 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 19:05:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17483536776511705666","debug_reporting":true,"destination":"https://helpwire.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11077996945"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"3062771325303834065"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 78ms
77ms Preflight
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 19:05:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 72ms
72ms Preflight
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 19:05:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js Show response
pagead2.googlesyndication.com/bg/ Frame D5C3 38 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 16:15:36 GMT

GET
H2 200 f.js Show response
cdn-fluct.sh.adingo.jp/ Frame E280 3 KB
3 KB 347ms
274ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000107337
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:50 GMT
via: 1.1 google
last-modified: Mon, 12 Apr 2021 01:23:17 GMT
server: nginx
etag: "cf5ec206a0bc2705586f1c0fb0bd458b"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2747
expires: Mon, 14 Aug 2023 20:05:50 GMT

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ Frame F6CF 43 B
340 B 794ms
255ms Image
image/gif 202.233.84.10
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=5ZNp7DgQNmQDNf5mfQ4SICCkOZA_kDvuVgbM8HKff9zsRTn5HZStIivEnG8juuWZ6C2XbmXBl0vFXGXm-yica-d2LVXMlV7O4Q1TT_1crQbrdFy_P771sdThngo5xL8mwOO9mBm07e9Ib
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1187/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.10 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:50 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: image/gif
Connection: close
Content-Length: 57

GET
H2 200 f.js Show response
cdn-fluct.sh.adingo.jp/ Frame E32B 3 KB
3 KB 333ms
269ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000107338
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:50 GMT
via: 1.1 google
last-modified: Mon, 12 Apr 2021 01:23:17 GMT
server: nginx
etag: "cf5ec206a0bc2705586f1c0fb0bd458b"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2747
expires: Mon, 14 Aug 2023 20:05:50 GMT

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ Frame 6EBE 43 B
340 B 790ms
257ms Image
image/gif 202.233.84.10
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=5ZNp7DgRKogD3-QTSHu-Vpcb6UiREUbBzaZ0RFz5X7rdWpn3CLbDKlYfG687cW0RyS6pjd7G8Crgfgvugtcbv_-9pd3tlmAhZg4wKtx6ww6Wr9tzI3F5PfHmoOm6w9hFUY2RuWRu6wH1q
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1188/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.10 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:50 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: image/gif
Connection: close
Content-Length: 57

GET
H3 200 10754426617521207725
tpc.googlesyndication.com/daca_images/simgad/ Frame 1A28 66 KB
66 KB 42ms
40ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10754426617521207725

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&adk=1221782170&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1692039949361&bpp=1&bdt=8852&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7bb4dad133dce13a-22133ef14fde006f%3AT%3D1692039943%3ART%3D1692039943%3AS%3DALNI_MbjAKIo5pY-fUnqLn9TCriQlejWBw&gpic=UID%3D00000d8b1e482593%3AT%3D1692039943%3ART%3D1692039943%3AS%3DALNI_MapxLZvDEn42EAjO1mHiddnnPyRGw&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=8464002683876&frm=20&pv=1&ga_vid=1450332216.1692039943&ga_sid=1692039943&ga_hid=806102051&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=3096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076924%2C44785292%2C44795922&oid=2&psts=AOrYGskepYAHDMlPK3U0h8lnPO9cHz9kluWc18d6-3P_k8WIQaRnQwynf-ENV8QDJ_V2Ejf4sxnKmHeFm5f4h1EefWTv2QvC&pvsid=2929847998735624&tmod=1488762475&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=njHK4gkzcI&p=http%3A//lanterman.web.fc2.com&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc0415f9a4ba9d5d76a774350a5fb0cda2622e7aaa70ba6c6c5e93a7fa3bd7a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 02:27:31 GMT
x-content-type-options: nosniff
age: 405499
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67881
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 23:26:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Aug 2024 02:27:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 1A28 23 KB
9 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 1A28 3 KB
1 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:05:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 1A28 20 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:28:51 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1A28 0
0 49ms
48ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfPGbeI0Xl3MwVoEPBPyjRUjLTce7KllzZ-5KScW2Wj3ijxM--DUnfqy-8EwJghKyDMDI3PjT4gYgNQ4roW6Y_msmQug
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&adk=1221782170&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1692039949361&bpp=1&bdt=8852&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7bb4dad133dce13a-22133ef14fde006f%3AT%3D1692039943%3ART%3D1692039943%3AS%3DALNI_MbjAKIo5pY-fUnqLn9TCriQlejWBw&gpic=UID%3D00000d8b1e482593%3AT%3D1692039943%3ART%3D1692039943%3AS%3DALNI_MapxLZvDEn42EAjO1mHiddnnPyRGw&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=8464002683876&frm=20&pv=1&ga_vid=1450332216.1692039943&ga_sid=1692039943&ga_hid=806102051&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=3096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076924%2C44785292%2C44795922&oid=2&psts=AOrYGskepYAHDMlPK3U0h8lnPO9cHz9kluWc18d6-3P_k8WIQaRnQwynf-ENV8QDJ_V2Ejf4sxnKmHeFm5f4h1EefWTv2QvC&pvsid=2929847998735624&tmod=1488762475&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=njHK4gkzcI&p=http%3A//lanterman.web.fc2.com&dtd=5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A28 179 KB
56 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:05:50 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 1A28 35 KB
14 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e90f6b678b2f030caab438c18a9682c81b824f5b829cf9e436065c11bf293193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14283
x-xss-protection: 0
server: cafe
etag: 10830060499921058150
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 00:01:22 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A3CC 143 B
166 B 44ms
40ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&adk=1221782170&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1692039949361&bpp=1&bdt=8852&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7bb4dad133dce13a-22133ef14fde006f%3AT%3D1692039943%3ART%3D1692039943%3AS%3DALNI_MbjAKIo5pY-fUnqLn9TCriQlejWBw&gpic=UID%3D00000d8b1e482593%3AT%3D1692039943%3ART%3D1692039943%3AS%3DALNI_MapxLZvDEn42EAjO1mHiddnnPyRGw&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=8464002683876&frm=20&pv=1&ga_vid=1450332216.1692039943&ga_sid=1692039943&ga_hid=806102051&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=3096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076924%2C44785292%2C44795922&oid=2&psts=AOrYGskepYAHDMlPK3U0h8lnPO9cHz9kluWc18d6-3P_k8WIQaRnQwynf-ENV8QDJ_V2Ejf4sxnKmHeFm5f4h1EefWTv2QvC&pvsid=2929847998735624&tmod=1488762475&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=njHK4gkzcI&p=http%3A//lanterman.web.fc2.com&dtd=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 18:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 21B5 1 KB
643 B 49ms
48ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34603
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 09:29:07 GMT
etag: 48472445140208031
expires: Tue, 15 Aug 2023 09:29:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1A28 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4790387f5e413c5e17a0cc8e4eec33a8aad791ebd6f81b9c5a608633044693c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 21B5
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELwOsO62xUcVUzRWka5RX3A&google_cver=1&google_push=AXcoOmQ0DE3OhMR_1qcKUA-dp_kKD01QtEqdOptWUVn1KZQrxPdBV4zc2nombP51VYh5iUmeCDUyCapcoW5a7Swes78ngdXSM3zbg...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODA1OTkxMzQwNjM0NTI4NjA4MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELwOsO62xUcVUzRWka5RX3A&google_cver=1

43 B
398 B

14ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELwOsO62xUcVUzRWka5RX3A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&adk=1221782170&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1692039949361&bpp=1&bdt=8852&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7bb4dad133dce13a-22133ef14fde006f%3AT%3D1692039943%3ART%3D1692039943%3AS%3DALNI_MbjAKIo5pY-fUnqLn9TCriQlejWBw&gpic=UID%3D00000d8b1e482593%3AT%3D1692039943%3ART%3D1692039943%3AS%3DALNI_MapxLZvDEn42EAjO1mHiddnnPyRGw&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=8464002683876&frm=20&pv=1&ga_vid=1450332216.1692039943&ga_sid=1692039943&ga_hid=806102051&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=3096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076924%2C44785292%2C44795922&oid=2&psts=AOrYGskepYAHDMlPK3U0h8lnPO9cHz9kluWc18d6-3P_k8WIQaRnQwynf-ENV8QDJ_V2Ejf4sxnKmHeFm5f4h1EefWTv2QvC&pvsid=2929847998735624&tmod=1488762475&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=njHK4gkzcI&p=http%3A//lanterman.web.fc2.com&dtd=5
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 14 Aug 2023 19:05:50 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELwOsO62xUcVUzRWka5RX3A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21B5
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKkRbJhEqGBUiyR1IL11-yM&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKkRbJhEqGBUiyR1IL11-yM&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RzN5UXBaUGMxUXZDU1c1&google_gid=CAESEKkRbJhEqGBUiyR1IL11-yM&google_cver=1&google_push=AXcoOmS0On_V8MI177Og2mBpoY_JaSFtujY3Yft1ky78DOq...

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RzN5UXBaUGMxUXZDU1c1&google_gid=CAESEKkRbJhEqGBUiyR1IL11-yM&google_cver=1&google_push=AXcoOmS0On_V8MI177Og2mBpoY_JaSFtujY3Yft1ky78DOqK5Wk5c9bXswXKXY4jrBt0n18oMkcE1N1Ax4BJxTPN59M4kJpEtqmqo38vyroxPobV73wWYv-TtMj7HUEM2bh_82lLGROeMiR2h3dAASNGxW6G2TA

Requested by

Host: lanterman.web.fc2.com
URL: http://lanterman.web.fc2.com/

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 19:05:50 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-04a4bf5ba173144ba@eu-west-1b@dxedge-app-eu-west-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RzN5UXBaUGMxUXZDU1c1&google_gid=CAESEKkRbJhEqGBUiyR1IL11-yM&google_cver=1&google_push=AXcoOmS0On_V8MI177Og2mBpoY_JaSFtujY3Yft1ky78DOqK5Wk5c9bXswXKXY4jrBt0n18oMkcE1N1Ax4BJxTPN59M4kJpEtqmqo38vyroxPobV73wWYv-TtMj7HUEM2bh_82lLGROeMiR2h3dAASNGxW6G2TA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame 21B5 43 B
403 B 189ms
185ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEIUc11xOwVIM-p0FQRbWaVY&google_cver=1&google_push=AXcoOmRuusPhgaNahmhzcmPkb4JUMt84uoE810adW-AObHcX7FDh8BXWK717wK63FY_G3AXQJ80YbsDaZhgh4wr3OAxy9c1z25BhWEHPQkDM0oRD13e6o7kBHpjSCZ28o4zgMqBeKWO2NFc7phciR0HOzKFtc0E&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRuusPhgaNahmhzcmPkb4JUMt84uoE810adW-AObHcX7FDh8BXWK717wK63FY_G3AXQJ80YbsDaZhgh4wr3OAxy9c1z25BhWEHPQkDM0oRD13e6o7kBHpjSCZ28o4zgMqBeKWO2NFc7phciR0HOzKFtc0E%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&adk=1221782170&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1692039949361&bpp=1&bdt=8852&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7bb4dad133dce13a-22133ef14fde006f%3AT%3D1692039943%3ART%3D1692039943%3AS%3DALNI_MbjAKIo5pY-fUnqLn9TCriQlejWBw&gpic=UID%3D00000d8b1e482593%3AT%3D1692039943%3ART%3D1692039943%3AS%3DALNI_MapxLZvDEn42EAjO1mHiddnnPyRGw&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=8464002683876&frm=20&pv=1&ga_vid=1450332216.1692039943&ga_sid=1692039943&ga_hid=806102051&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=3096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076924%2C44785292%2C44795922&oid=2&psts=AOrYGskepYAHDMlPK3U0h8lnPO9cHz9kluWc18d6-3P_k8WIQaRnQwynf-ENV8QDJ_V2Ejf4sxnKmHeFm5f4h1EefWTv2QvC&pvsid=2929847998735624&tmod=1488762475&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=njHK4gkzcI&p=http%3A//lanterman.web.fc2.com&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:50 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f6b78baac1d6903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21B5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk5wN0RRQUFBSDRFVGdBYg==&google_gid=CAESEEeGxqQVdCGf4leVi0gILrc&google_cver=1&google_push=AXcoOmQg2xEyAK7sBqGvItjHihB5zZ8ySA...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk5wN0RRQUFBSDRFVGdBYg==&google_gid=CAESEEeGxqQVdCGf4leVi0gILrc&google_cver=1&google_push=AXcoOmQg2xEyAK7sBqGvItjHihB5zZ8ySAL8-l70zHXmIZuJ-54kRGguRUPS9KTdYjD4r4QemXJ8DgYd__Lfe-2HL9W1edsnwxGga154SqtseBg0mpK11I50o4ozQTjvq4b59MvmdH4VRvDT66V53WwcwLbFub4

Requested by

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230085-FRA
pragma: no-cache
date: Mon, 14 Aug 2023 19:05:50 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1692039951.504634,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk5wN0RRQUFBSDRFVGdBYg==&google_gid=CAESEEeGxqQVdCGf4leVi0gILrc&google_cver=1&google_push=AXcoOmQg2xEyAK7sBqGvItjHihB5zZ8ySAL8-l70zHXmIZuJ-54kRGguRUPS9KTdYjD4r4QemXJ8DgYd__Lfe-2HL9W1edsnwxGga154SqtseBg0mpK11I50o4ozQTjvq4b59MvmdH4VRvDT66V53WwcwLbFub4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 21B5 70 B
264 B 34ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJVTS583HHt8wSxRp2KWjMM&google_cver=1&google_push=AXcoOmSPrzCw7mkybaUA4AxaOy_iYz6JcvtXjU2DT9d75mfvY-PNUKDMthVouO-mkKdCqtp3vAHF5FHkTofeJ4W4sO2jjSSnvo9Tz18n1AA3-aS3VZMoFzp6omFQY76Tmq1fPetGBgyHKSFcfLGOgeDRjZgZEVc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6890287250975679&output=html&h=280&adk=1221782170&adf=3105276512&pi=t.aa~a.1914032700~i.10~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1519982746&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2593758635&ad_type=text_image&format=800x280&url=http%3A%2F%2Flanterman.web.fc2.com%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1692039949361&bpp=1&bdt=8852&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7bb4dad133dce13a-22133ef14fde006f%3AT%3D1692039943%3ART%3D1692039943%3AS%3DALNI_MbjAKIo5pY-fUnqLn9TCriQlejWBw&gpic=UID%3D00000d8b1e482593%3AT%3D1692039943%3ART%3D1692039943%3AS%3DALNI_MapxLZvDEn42EAjO1mHiddnnPyRGw&prev_fmts=235x600%2C800x280%2C0x0&nras=2&correlator=8464002683876&frm=20&pv=1&ga_vid=1450332216.1692039943&ga_sid=1692039943&ga_hid=806102051&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=535&ady=3096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076924%2C44785292%2C44795922&oid=2&psts=AOrYGskepYAHDMlPK3U0h8lnPO9cHz9kluWc18d6-3P_k8WIQaRnQwynf-ENV8QDJ_V2Ejf4sxnKmHeFm5f4h1EefWTv2QvC&pvsid=2929847998735624&tmod=1488762475&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=njHK4gkzcI&p=http%3A//lanterman.web.fc2.com&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 14 Aug 2023 19:05:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21B5
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEOykj36sZGNod90OrHZEzYw&google_cver=1&google_push=AXcoOmSPjPddowddnNfEE2c9lckwsB0bRxJ3m56WuWGEkerXzLBUNEhwSdx4LABCoQ1d62Rrk06XBZYpjJ9G6GaO0vs8UPRRVs-J4...
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSPjPddowddnNfEE2c9lckwsB0bRxJ3m56WuWGEkerXzLBUNEhwSdx4LABCoQ1d62Rrk06XBZYpjJ9G6GaO0vs8UPRRVs-J4Y5i1Ol2vRZn8iMstRyCjyA0O3zYGbOs...

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSPjPddowddnNfEE2c9lckwsB0bRxJ3m56WuWGEkerXzLBUNEhwSdx4LABCoQ1d62Rrk06XBZYpjJ9G6GaO0vs8UPRRVs-J4Y5i1Ol2vRZn8iMstRyCjyA0O3zYGbOsCxsUu4VnFomS22sxz8hYTzLunA&google_hm=Q0FFU0VPeWtqMzZzWkdOb2Q5ME9ySFpFell3

Requested by

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 19:05:49 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSPjPddowddnNfEE2c9lckwsB0bRxJ3m56WuWGEkerXzLBUNEhwSdx4LABCoQ1d62Rrk06XBZYpjJ9G6GaO0vs8UPRRVs-J4Y5i1Ol2vRZn8iMstRyCjyA0O3zYGbOsCxsUu4VnFomS22sxz8hYTzLunA&google_hm=Q0FFU0VPeWtqMzZzWkdOb2Q5ME9ySFpFell3
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21B5
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEEajhadNNgV_yBU1mIGSrHo&google_cver=1&google_push=AXcoOmQJSBb5ZoEH5etfupOOBgRFy5r5LgBbCRsSpduDUKeOQzXulgXT-5YDX_WE2K...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQJSBb5ZoEH5etfupOOBgRFy5r5LgBbCRsSpduDUKeOQzXulgXT-5YDX_WE2Kq9TUv4GwE4LVA5-Zh9PHyvcC_IfBuA65ODXbLTMVJa6wP9Ov...

170 B
188 B

57ms
57ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQJSBb5ZoEH5etfupOOBgRFy5r5LgBbCRsSpduDUKeOQzXulgXT-5YDX_WE2Kq9TUv4GwE4LVA5-Zh9PHyvcC_IfBuA65ODXbLTMVJa6wP9OvWZTBLCeH5OGHefmOlTi6ASh6IdOu5etakzhZO-qqCWcLDD&google_hm=17bLBAZNTnibcBGwFnGCAbA

Requested by

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:49 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQJSBb5ZoEH5etfupOOBgRFy5r5LgBbCRsSpduDUKeOQzXulgXT-5YDX_WE2Kq9TUv4GwE4LVA5-Zh9PHyvcC_IfBuA65ODXbLTMVJa6wP9OvWZTBLCeH5OGHefmOlTi6ASh6IdOu5etakzhZO-qqCWcLDD&google_hm=17bLBAZNTnibcBGwFnGCAbA
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 21B5 0
12 B 48ms
46ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KcuvV-yqVLy6Uh4U4cpcjF-Kgq__qaEHwI0SmwS8WJQE6egqGUvz8M6fSFc0bcHspHqKvxEQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1A28
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CkLyBDXvaZJCfHYOY7wKBuZuAAr-s_5pylv-z0dER2dkeEAEgq_qMHmCV4pCCoAegAd-JoNAByAECqQLX3YNie0yyPqgDAcgDyQSqBOEBT9DkHdp1vgO3KW06PNrKXSF3yENsZNCSdqTScfX...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214843200951447920896%22,%22debug_reporting%22:true,%22destination%22:%22https://studyatue.com%22,%22event_report_window%22...

0
0

74ms
73ms

Fetch
text/css

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214843200951447920896%22,%22debug_reporting%22:true,%22destination%22:%22https://studyatue.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22436733151%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222784101012615042593%22}&andc=true

Requested by

Protocol

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:50 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"14843200951447920896","debug_reporting":true,"destination":"https://studyatue.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["436733151"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"2784101012615042593"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Aug 2023 19:05:50 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Aug 2023 19:05:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14843200951447920896","debug_reporting":true,"destination":"https://studyatue.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["436733151"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"2784101012615042593"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A3CC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

58ms
58ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:05:50 GMT
expires: Mon, 14 Aug 2023 19:05:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 19:05:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 74ms
73ms Preflight
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 14 Aug 2023 19:05:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
sh.adingo.jp/ Frame E32B 3 KB
2 KB 1040ms
249ms Script
application/x-javascript 18.177.216.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/?G=1000107338&href=http%3A%2F%2Flanterman.web.fc2.com%2F&serial=11532486988572&guid=ON

Requested by

Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000107338

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.177.216.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-177-216-241.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

1040689021bc0fa1dbb2989807fc5798ff2bce16a7d7a1bcf648593ea8be4027

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Aug 2023 19:05:51 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
sh.adingo.jp/ Frame E280 3 KB
2 KB 1033ms
248ms Script
application/x-javascript 18.177.216.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/?G=1000107337&href=http%3A%2F%2Flanterman.web.fc2.com%2F&serial=83877414520036&guid=ON

Requested by

Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000107337

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.177.216.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-177-216-241.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a7b107acc3ab255e0ea6f7453025a5318c5f8949190121b234c3a495bf333774

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Aug 2023 19:05:51 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js Show response
pagead2.googlesyndication.com/bg/ Frame 78F8 38 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 16:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 16:15:36 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4300 42 B
64 B 148ms
148ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7n4X9BB8uG-6fQ9gurQoFACdSo6HPNhP2cd4ySI3CQ85dLovQ__5LDj5b4ipLz6gxxR-NvC9lzXzn9fPsoXzZOGJ14R-TyU7HgzNeJM9tK_JikKRAZOava2wzZugb92SSULHvAhH-0mTJ&sai=AMfl-YQf1RGBrAdKwvuyG3i1xBhD7qC5OCwRMwHaSs4sqocZi0KHRfENYWm2eBIBkW7JNzTHqRc7qDEIxAwuReLLPBAC9v3hmG_bWXD2BBhYAnLcFTdl0V9qP0Fo3oU&sig=Cg0ArKJSzEad6QTwGAciEAE&cid=CAQSOwBpAlJWGHKpGqfJXm5KOyf7TQyePIjQuKy8_1u99DxBGPMVbGof9t10l2KVRAvlnJkJSMMVW_T_JBJvGAE&id=lidar2&mcvt=1000&p=-50,0,450,200&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1692039949534&rpt=303&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D050 42 B
64 B 143ms
143ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXslmIZviGzJam2d-fe0FQYM2P_z7Xp2A2E8_ncgmD2_tnzmat-t71IeKzEySixXEKODwqCotJpI5uhrjCQH7FxqcnAAgBuGKZrc9f-eLUa_oXGzOSQxvfXY6FG8VKXYD8nCGV1FNvapY-&sai=AMfl-YRgjCESZDcAe2qCtdevOu1Dp6yvqp04uqnAUND5PcMN6HylKtNqC0-s6e8FBdTwXVRlztNq6eraxhh6rzX_5ExwZPoewcW42nm8kULWeDhAK5yjM1tYL2Kx1dM&sig=Cg0ArKJSzKiEiuYEmTcvEAE&cid=CAQSOwBpAlJWGHKpGqfJXm5KOyf7TQyePIjQuKy8_1u99DxBGPMVbGof9t10l2KVRAvlnJkJSMMVW_T_JBJvGAE&id=lidar2&mcvt=1000&p=-50,0,450,200&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1692039949537&rpt=400&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

compass.js Show response
jgl.microad.net/js/ Frame E280
Redirect Chain

https://j.microad.net/js/compass.js
https://jgl.microad.net/js/compass.js

128 KB
30 KB

256ms
256ms

Script
application/javascript

14.0.41.202
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://jgl.microad.net/js/compass.js
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1187/
Protocol: H2
Server: 14.0.41.202 Osaka, Japan, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: aa7469f638262821f7ff37616788f67addec2140d47b6d4396a98d0e11391e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:52 GMT
content-encoding: gzip
via: 1.1 PSrbJP1ww66:0 (W), 1.1 PSrbdbOSA1gs91:3 (W)
last-modified: Tue, 11 Jul 2023 01:36:36 GMT
server: PWS/8.3.1.0.8
etag: "1ff4f-gzip"
x-ws-request-id: 64da7b10_PSrbdbOSA1rw96_44379-24662
content-type: application/javascript
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
cache-control: max-age=604800
x-px: ht PSrbdbOSA1gs91KIX
accept-ranges: bytes
content-length: 29980
expires: Tue, 15 Aug 2023 08:19:54 GMT

Redirect headers

date: Mon, 14 Aug 2023 19:05:51 GMT
via: 1.0 PSrbdbOSA1ap90:18 (W)
server: PWS/8.3.1.0.8
x-ws-request-id: 64da7b0f_PSrbdbOSA1rw96_44379-24629
location: https://jgl.microad.net/js/compass.js
access-control-allow-origin: *
cache-control: no-cache
x-px: -
content-length: 0

GET
H2 200 /
i.adingo.jp/ Frame E280 43 B
294 B 744ms
240ms Image
image/gif 54.178.43.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.adingo.jp/?p=N-06VqcaTkZPEoRTibXv9HGB4odtolAdzqKmILED_6pf2PEEt-jjKgQhPr8gyOyLQmjxLxG5Lft7oN4iliRC8hkHX5TlM8hHTxsreSnTTuXhUxv52JIIIS1I2RnukZ1ZM8oUB_nu-YOBBGnzEl947CcRizjGUjeSpYlx50uHeBY-fnBuWPRaej9bbp2c89wsY17IAyBGSXCpHbEWO4msxjw_v6wGSsPGAQTtbPBiQXDpkFdWnDT2RUGM85SwQ_blyCDdh0_0yc1MeADO8b4TX9AsmhHnioz6c6gx&k=3&v=wpBzOZsdW127wtOv
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1187/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.178.43.249 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-178-43-249.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:52 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2

200

compass.js Show response
jgl.microad.net/js/ Frame E32B
Redirect Chain

https://j.microad.net/js/compass.js
https://jgl.microad.net/js/compass.js

128 KB
30 KB

298ms
297ms

Script
application/javascript

14.0.41.202
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://jgl.microad.net/js/compass.js
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1188/
Protocol: H2
Server: 14.0.41.202 Osaka, Japan, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: aa7469f638262821f7ff37616788f67addec2140d47b6d4396a98d0e11391e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:52 GMT
content-encoding: gzip
via: 1.1 PSrbJP1ww66:0 (W), 1.1 PSrbdbOSA1gs91:1 (W)
last-modified: Tue, 11 Jul 2023 01:36:36 GMT
server: PWS/8.3.1.0.8
etag: "1ff4f-gzip"
x-ws-request-id: 64da7b10_PSrbdbOSA1rw96_44379-24663
content-type: application/javascript
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
cache-control: max-age=604800
x-px: ht PSrbdbOSA1gs91KIX
accept-ranges: bytes
content-length: 29980
expires: Fri, 18 Aug 2023 01:43:52 GMT

Redirect headers

date: Mon, 14 Aug 2023 19:05:51 GMT
via: 1.0 PSrbdbOSA1rw96:5 (W)
server: PWS/8.3.1.0.8
x-ws-request-id: 64da7b0f_PSrbdbOSA1rw96_44379-24630
location: https://jgl.microad.net/js/compass.js
access-control-allow-origin: *
cache-control: no-cache
x-px: -
content-length: 0

GET
H2 200 /
i.adingo.jp/ Frame E32B 43 B
293 B 744ms
242ms Image
image/gif 54.178.43.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.adingo.jp/?p=bGFMNLFjNd2Ljay5farwbrb8N2y2n9gq8tB5cAOlCLNxNfo5OoNB-mxG6creoBIzB2-Bw4CI8D4pbhY8yBSVtXxemM_6ArBOT6aAAkPWjYQc2q1rXLdoFrQzOracEOpyyEVVqkjxR298kdumyiTSxXelTU51GvLyvDrvuMnHQoT8afke_02uuDADe0Sz7i4ON6HcljrzlAh-uctmnmq1ONPDEfid4zXJtOBZShjX_FnLHY-3cxTMPjunHX2q8heBUPyipO577w1kBncMIlfh4F7StKjzXrLBV0Ry&k=3&v=NPlJJbtjCVkrSxML
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1188/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.178.43.249 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-178-43-249.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Aug 2023 19:05:52 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cookie_loader.html Show response
cache.send.microadinc.com/js/ Frame 59A9 2 KB
2 KB 15ms
15ms Document
text/html 52.84.174.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microadinc.com/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.174.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-174-105.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: https://media5.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 71566
content-length: 1909
content-type: text/html
date: Mon, 14 Aug 2023 04:30:05 GMT
etag: "10cf9c751f3fdad8c8784c6bf8cee57a"
last-modified: Thu, 28 Oct 2021 12:57:38 GMT
server: AmazonS3
via: 1.1 19d683585ba961e1ecbb57668eec0a62.cloudfront.net (CloudFront)
x-amz-cf-id: tdagt-yK5wo1blIGjM-Aw-t1zCAbcpjh7cTUFsRVWQLodC4t0-DH_w==
x-amz-cf-pop: CDG50-P1
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7
x-cache: Hit from cloudfront

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ Frame E280 6 KB
3 KB 7ms
7ms Script
application/javascript 2a02:26f0:480:25::1726:620a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:620a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Mon, 14 Aug 2023 19:05:52 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ Frame E280 2 KB
3 KB 262ms
262ms Script
text/javascript 202.233.84.9
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=e758bea8b3b21580d0e3c10a2259b09c&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fmedia5.fc2.com%2F1187%2F&referrer=https%3A%2F%2Fmedia5.fc2.com%2F1187%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=be4686718ed8700189f570b74d

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.9 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

9388dd37ae7fea9efaa35636146ebf0f8d09d99a02f9881f8da44f23848d5c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:52 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: text/javascript;charset=UTF-8
Connection: close
Content-Length: 2413
X-XSS-Protection: 1; mode=block

GET
H2 200 cookie_loader.html Show response
cache.send.microadinc.com/js/ Frame 239F 2 KB
2 KB 15ms
15ms Document
text/html 52.84.174.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microadinc.com/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.174.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-174-105.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: https://media5.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 71566
content-length: 1909
content-type: text/html
date: Mon, 14 Aug 2023 04:30:05 GMT
etag: "10cf9c751f3fdad8c8784c6bf8cee57a"
last-modified: Thu, 28 Oct 2021 12:57:38 GMT
server: AmazonS3
via: 1.1 19d683585ba961e1ecbb57668eec0a62.cloudfront.net (CloudFront)
x-amz-cf-id: C9XJhMgyStAJBhetlNraE-QCRTpSQAm36ofpPYicH8j7UeExdRnqCw==
x-amz-cf-pop: CDG50-P1
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7
x-cache: Hit from cloudfront

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ Frame E32B 6 KB
3 KB 7ms
7ms Script
application/javascript 2a02:26f0:480:25::1726:620a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:620a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Mon, 14 Aug 2023 19:05:52 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H/1.1 200
200 ad Show response
s-rtb.send.microadinc.com/ Frame E32B 2 KB
3 KB 768ms
259ms Script
text/javascript 202.233.84.9
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microadinc.com/ad?spot=46349e541abeeb49be17afde2dcbebe1&cb=microadCompass.AdRequestor.callback&url=https%3A%2F%2Fmedia5.fc2.com%2F1188%2F&referrer=https%3A%2F%2Fmedia5.fc2.com%2F1188%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=b05d5c0a7868000189f570b77b

Requested by

Host: j.microad.net
URL: https://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.9 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

9cb240cb9165f46a39ee0b363ceae251825e1d1509e522c02ec7b280fc1ac145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:52 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: text/javascript;charset=UTF-8
Connection: close
Content-Length: 2410
X-XSS-Protection: 1; mode=block

GET
H2 200 ads.js Show response
spdeliver.i-mobile.co.jp/script/ Frame 776B 41 KB
13 KB 79ms
8ms Script
application/javascript 2600:9000:2251:3800:c:2040:40c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3800:c:2040:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 31d8a246b4ec27f114c453b9d4ef714538bc6e3b3c76b9f46d63a67950144930

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:04:40 GMT
content-encoding: gzip
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 04:53:50 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA60-P3
age: 73
x-powered-by: ASP.NET
etag: W/"0c3915546c0d91:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-cf-id: EmVjr5Me_gledfOZnoaTKuw4K0YCYHVO_dVp8B3i_jDV7Y5uTbabFQ==

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ Frame E280 43 B
340 B 256ms
255ms Image
image/gif 202.233.84.10
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=5ZNp7EBRigYArXuBwfKu1190PtaUR52HuohAuFlnekStzfyEwafRKQXOQ6Yyy5hS3hDNA-8RHjEVYxHF2QZDovYHUJ76qAEjC83KJQV_0Q3FfoN2Pt-YavLMwefDFDetfTVqjDdHeypl5
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1187/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.10 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:52 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: image/gif
Connection: close
Content-Length: 57

GET
H2 200 sspcore_spot.js Show response
ssp-bidder.i-mobile.co.jp/script/ Frame 776B 23 KB
8 KB 347ms
263ms Script
application/javascript 2600:9000:2248:d400:1f:2964:4340:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidder.i-mobile.co.jp/script/sspcore_spot.js?20130501
Requested by: Host: spdeliver.i-mobile.co.jp
URL: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:d400:1f:2964:4340:93a1 , United States, ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 127651ddf2e9c64d57819913ae2d95cede11604372d15f9dba49b4ddc848632a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:52:04 GMT
content-encoding: gzip
via: 1.1 2b08544e695e9e7bc49d159008bcc656.cloudfront.net (CloudFront)
last-modified: Tue, 08 Aug 2023 18:33:42 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: MXP63-P3
age: 835
x-powered-by: ASP.NET
etag: W/"0473edb26cad91:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
x-amz-cf-id: qsI6gEi8-myXe-tCSSRuioT8vKRLwqd9yOl5iETnz8bVFw805mD0eg==

GET
H/1.1 200
OK ssp_spot.ashx Show response
ssp-bidapi-n1.i-mobile.co.jp/jsonp/ Frame 776B 49 B
538 B 1024ms
242ms Script
text/javascript 54.150.85.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidapi-n1.i-mobile.co.jp/jsonp/ssp_spot.ashx?pid=65803&asid=1544759&asn=1&spec=1&dpr=1&sf=0&pos=0&imcallback=_imcallback_1544759_1&cashid=1692039952912
Requested by: Host: ssp-bidder.i-mobile.co.jp
URL: https://ssp-bidder.i-mobile.co.jp/script/sspcore_spot.js?20130501
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.150.85.237 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-150-85-237.ap-northeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 66198540a512f041dd647ffd3e1f04e0c1d63957b7d8c93761b49920b7e5c70f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 19:05:53 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 170
Expires: -1

GET
H2 200 ads.js Show response
spdeliver.i-mobile.co.jp/script/ Frame F386 41 KB
13 KB 8ms
8ms Script
application/javascript 2600:9000:2251:3800:c:2040:40c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Requested by: Host: j.microad.net
URL: https://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3800:c:2040:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 31d8a246b4ec27f114c453b9d4ef714538bc6e3b3c76b9f46d63a67950144930

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:04:40 GMT
content-encoding: gzip
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 04:53:50 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA60-P3
age: 74
x-powered-by: ASP.NET
etag: W/"0c3915546c0d91:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-cf-id: USGTlTpigm53IZk3JmNsrTXHAXloQacLQG7EMG1nV7XkAOxyh87XdA==

GET
H/1.1 200
200 ic
ssp.send.microadinc.com/ Frame E32B 43 B
340 B 764ms
255ms Image
image/gif 202.233.84.10
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microadinc.com/ic?ep=5ZNp7EDV3IkATUkgl6V-vlUx2XjTCQCMBYJPmMYGzng5_Fb28iI0SDMshtLNFLqARdPwDIqb4Uli5vSk7-CGwgnYckxhazwsck8tVWryNGzznEYC2QiisHEH_Oiin8ncgsWSdzmnWsPWz
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/1188/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.10 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 19:05:53 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: image/gif
Connection: close
Content-Length: 57

GET
H2 200 sspcore_spot.js Show response
ssp-bidder.i-mobile.co.jp/script/ Frame F386 23 KB
8 KB 21ms
20ms Script
application/javascript 2600:9000:2248:d400:1f:2964:4340:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidder.i-mobile.co.jp/script/sspcore_spot.js?20130501
Requested by: Host: spdeliver.i-mobile.co.jp
URL: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2248:d400:1f:2964:4340:93a1 , United States, ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 127651ddf2e9c64d57819913ae2d95cede11604372d15f9dba49b4ddc848632a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:52:04 GMT
content-encoding: gzip
via: 1.1 2b08544e695e9e7bc49d159008bcc656.cloudfront.net (CloudFront)
last-modified: Tue, 08 Aug 2023 18:33:42 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: MXP63-P3
age: 836
x-powered-by: ASP.NET
etag: W/"0473edb26cad91:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
x-amz-cf-id: ZgCU75zOtt8bWIFIe1gO8CCiuAWAYbhtX1SpOGNYBqVNFn34h4Yopg==

GET
H/1.1 200
OK ssp_spot.ashx Show response
ssp-bidapi-n1.i-mobile.co.jp/jsonp/ Frame F386 49 B
538 B 966ms
247ms Script
text/javascript 54.150.85.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidapi-n1.i-mobile.co.jp/jsonp/ssp_spot.ashx?pid=65803&asid=1544760&asn=1&spec=1&dpr=1&sf=0&pos=0&imcallback=_imcallback_1544760_1&cashid=1692039953072
Requested by: Host: ssp-bidder.i-mobile.co.jp
URL: https://ssp-bidder.i-mobile.co.jp/script/sspcore_spot.js?20130501
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.150.85.237 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-150-85-237.ap-northeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 39e1977469da6d637f1de88bdb191081fb9d3081b5c6d403010dffc3d3121d03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 19:05:53 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 170
Expires: -1

GET
H2 200 adcore_pc_inline.js Show response
spdeliver.i-mobile.co.jp/script/ Frame 776B 1 KB
897 B 8ms
7ms Script
application/javascript 2600:9000:2251:3800:c:2040:40c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spdeliver.i-mobile.co.jp/script/adcore_pc_inline.js?20110201
Requested by: Host: spdeliver.i-mobile.co.jp
URL: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3800:c:2040:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b8666b6a7bda5ea0466128485e57eb867e069582c3709bde90ec39f88d467d0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:45:28 GMT
content-encoding: gzip
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 04:53:46 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA60-P3
age: 1226
x-powered-by: ASP.NET
etag: W/"0692f5346c0d91:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-cf-id: rywQhz6uazBysufBWqEuyAtI5X6yVDVdb9FTQwd1Zo9q-z-BPAPtVg==

GET
H2 200 ad_spot.aspx Show response
spsvcpc-tls.i-mobile.co.jp/ Frame 262E 3 KB
3 KB 369ms
283ms Document
text/html 2600:9000:2611:fc00:1d:4ba6:de80:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=65803&asid=1544759&asn=1&width=300&height=250
Requested by: Host: spdeliver.i-mobile.co.jp
URL: https://spdeliver.i-mobile.co.jp/script/adcore_pc_inline.js?20110201
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2611:fc00:1d:4ba6:de80:93a1 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e6a76ef29fdb4d48ff520b42bb652deaf71352988ae9e4e5aca900c759a81722

Request headers

Referer: https://media5.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-length: 2864
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 19:05:53 GMT
expires: -1
p3p: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
pragma: no-cache
server: Microsoft-IIS/10.0
via: 1.1 b361826db8fe26bb15e77b0e0bcfb382.cloudfront.net (CloudFront)
x-amz-cf-id: 2-0-NKVcXOSwqHE-FHtYIs2hPVWdnq6F3AkPmTd6K1k9VhrTmE5gww==
x-amz-cf-pop: VIE50-P2
x-cache: Miss from cloudfront
x-powered-by: ASP.NET

GET
H2 200 adcore_pc_inline.js Show response
spdeliver.i-mobile.co.jp/script/ Frame F386 1 KB
896 B 7ms
7ms Script
application/javascript 2600:9000:2251:3800:c:2040:40c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spdeliver.i-mobile.co.jp/script/adcore_pc_inline.js?20110201
Requested by: Host: spdeliver.i-mobile.co.jp
URL: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3800:c:2040:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b8666b6a7bda5ea0466128485e57eb867e069582c3709bde90ec39f88d467d0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media5.fc2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:45:28 GMT
content-encoding: gzip
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 04:53:46 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA60-P3
age: 1227
x-powered-by: ASP.NET
etag: W/"0692f5346c0d91:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-cf-id: dq-SFcIi6QxThtt7XCcDHAvI3yALR5woCre9qcNAx18_Y7Lv_7KY3Q==

GET
H2 200 ad_spot.aspx Show response
spsvcpc-tls.i-mobile.co.jp/ Frame 063E 3 KB
3 KB 581ms
581ms Document
text/html 2600:9000:2611:fc00:1d:4ba6:de80:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=65803&asid=1544760&asn=1&width=728&height=90
Requested by: Host: spdeliver.i-mobile.co.jp
URL: https://spdeliver.i-mobile.co.jp/script/adcore_pc_inline.js?20110201
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2611:fc00:1d:4ba6:de80:93a1 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dbc812bb5d310e92d3e8dc0233e53bb0e6847fbf4af65f51667e1fec79ca39ba

Request headers

Referer: https://media5.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-length: 2655
content-type: text/html; charset=utf-8
date: Mon, 14 Aug 2023 19:05:54 GMT
expires: -1
p3p: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
pragma: no-cache
server: Microsoft-IIS/10.0
via: 1.1 b361826db8fe26bb15e77b0e0bcfb382.cloudfront.net (CloudFront)
x-amz-cf-id: -vU2q1AfY9BFpCQu5gnB7xUVc1BqO6ILwaXRU5jaATWvi-X8qgVekw==
x-amz-cf-pop: VIE50-P2
x-cache: Miss from cloudfront
x-powered-by: ASP.NET

GET
H2 200 style.css
spsvcpc-tls.i-mobile.co.jp/css/ Frame 262E 5 KB
6 KB 21ms
19ms Stylesheet
text/css 2600:9000:2611:fc00:1d:4ba6:de80:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://spsvcpc-tls.i-mobile.co.jp/css/style.css
Requested by: Host: spsvcpc-tls.i-mobile.co.jp
URL: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=65803&asid=1544759&asn=1&width=300&height=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2611:fc00:1d:4ba6:de80:93a1 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3a6b3996ce3a1200e3b494ed37f4e7f665ddff1faedf145bdef17a51546b0998

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=65803&asid=1544759&asn=1&width=300&height=250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 20:21:06 GMT
via: 1.1 b361826db8fe26bb15e77b0e0bcfb382.cloudfront.net (CloudFront)
last-modified: Wed, 02 Feb 2022 05:29:52 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: VIE50-P2
age: 513888
etag: "0c827e7f517d81:0"
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 5537
x-amz-cf-id: o1NJgHI0761kFGY53vfm_dBkSOQlCFR5wjGJJoZU8GS-24ajqegEIQ==

GET
H2 200 defaultAd.gif
spsvcpc-tls.i-mobile.co.jp/img/ Frame 262E 807 B
1 KB 272ms
270ms Image
image/gif 2600:9000:2611:fc00:1d:4ba6:de80:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spsvcpc-tls.i-mobile.co.jp/img/defaultAd.gif?pid=65803&asid=1544759
Requested by: Host: spsvcpc-tls.i-mobile.co.jp
URL: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=65803&asid=1544759&asn=1&width=300&height=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2611:fc00:1d:4ba6:de80:93a1 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d177fcf781f78f722b0f5f59056affa6f9db376e9fe22167fc41efeedacb70e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=65803&asid=1544759&asn=1&width=300&height=250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 19:05:54 GMT
via: 1.1 b361826db8fe26bb15e77b0e0bcfb382.cloudfront.net (CloudFront)
last-modified: Wed, 02 Feb 2022 05:29:52 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: VIE50-P2
etag: "0c827e7f517d81:0"
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 807
x-amz-cf-id: 8rkmCxhofCffK-eMnLKp2Eq3dabDhpULjq_b-x8K-o1ubIMN_SGYfw==

GET
H2 200 ad_creative.ashx
spcdnpc.i-mobile.co.jp/ Frame 262E 59 KB
60 KB 28ms
11ms Image
image/jpeg 2600:9000:2251:3800:c:2040:40c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spcdnpc.i-mobile.co.jp/ad_creative.ashx?advid=2853926
Requested by: Host: spsvcpc-tls.i-mobile.co.jp
URL: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=65803&asid=1544759&asn=1&width=300&height=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3800:c:2040:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 79d9baba45507f98ae7d87a88586ebba5c4fb5e5cea5e0d167764904b7963484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spsvcpc-tls.i-mobile.co.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 03:22:45 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified: Tue, 22 Mar 2016 11:48:04 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA60-P3
age: 56588
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: private
content-length: 60843
x-amz-cf-id: 9HyxgeYTrVtMUETQTiYySC3xuEUpRG1VMQ-fvfOKNc6EDU5ckrXblA==
expires: Mon, 01 Jan 0001 00:00:00 GMT

GET
H2 200 RestoreXidToMediaStorage.html Show response
xid.i-mobile.co.jp/ Frame 12BB 1 KB
2 KB 22ms
8ms Document
text/html 2600:9000:2251:3800:c:2040:40c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xid.i-mobile.co.jp/RestoreXidToMediaStorage.html
Requested by: Host: spdeliver.i-mobile.co.jp
URL: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3800:c:2040:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1cf9494979497e2751b2b9933adb75ca049dbd1c9ee21a9981c630a83061cf1

Request headers

Referer: https://media5.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 199
content-length: 1323
content-type: text/html
date: Mon, 14 Aug 2023 19:02:34 GMT
etag: "0c827e7f517d81:0"
last-modified: Wed, 02 Feb 2022 05:29:52 GMT
server: Microsoft-IIS/10.0
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-id: w6ilDSUApW-7idnWTb9-IWflwEWArKKLdFexjvAU_d2qHAPFUE6Jdg==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
x-powered-by: ASP.NET

GET
H2 200 style.css
spsvcpc-tls.i-mobile.co.jp/css/ Frame 063E 5 KB
6 KB 19ms
19ms Stylesheet
text/css 2600:9000:2611:fc00:1d:4ba6:de80:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://spsvcpc-tls.i-mobile.co.jp/css/style.css
Requested by: Host: spsvcpc-tls.i-mobile.co.jp
URL: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=65803&asid=1544760&asn=1&width=728&height=90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2611:fc00:1d:4ba6:de80:93a1 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3a6b3996ce3a1200e3b494ed37f4e7f665ddff1faedf145bdef17a51546b0998

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=65803&asid=1544760&asn=1&width=728&height=90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 20:21:06 GMT
via: 1.1 b361826db8fe26bb15e77b0e0bcfb382.cloudfront.net (CloudFront)
last-modified: Wed, 02 Feb 2022 05:29:52 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: VIE50-P2
age: 513888
etag: "0c827e7f517d81:0"
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 5537
x-amz-cf-id: KmlZnKqoto35qDBKEWKhWQMmtMp7PZub0K6w8XiR6Jqhhwl9ozTdcQ==

GET
H2 200 ad_creative.ashx
spcdnpc.i-mobile.co.jp/ Frame 063E 98 KB
98 KB 10ms
9ms Image
image/jpeg 2600:9000:2251:3800:c:2040:40c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spcdnpc.i-mobile.co.jp/ad_creative.ashx?advid=2782347
Requested by: Host: spsvcpc-tls.i-mobile.co.jp
URL: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=65803&asid=1544760&asn=1&width=728&height=90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3800:c:2040:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d259b350459537f1c9a14fdda9a0e8b75d8840d6fa57518782b77ed18b607930

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spsvcpc-tls.i-mobile.co.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 05:59:33 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified: Fri, 20 Jan 2017 09:02:45 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA60-P3
age: 47180
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: private
content-length: 100136
x-amz-cf-id: hL3-raFSTcqaRw4jIUW1qqVj3IXi3p_IND3rPjjjLL8jWgtFsUxAcA==
expires: Mon, 01 Jan 0001 00:00:00 GMT

GET
H2 200 RestoreXidToMediaStorage.html Show response
xid.i-mobile.co.jp/ Frame A002 1 KB
2 KB 8ms
7ms Document
text/html 2600:9000:2251:3800:c:2040:40c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xid.i-mobile.co.jp/RestoreXidToMediaStorage.html
Requested by: Host: spdeliver.i-mobile.co.jp
URL: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3800:c:2040:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1cf9494979497e2751b2b9933adb75ca049dbd1c9ee21a9981c630a83061cf1

Request headers

Referer: https://media5.fc2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 199
content-length: 1323
content-type: text/html
date: Mon, 14 Aug 2023 19:02:34 GMT
etag: "0c827e7f517d81:0"
last-modified: Wed, 02 Feb 2022 05:29:52 GMT
server: Microsoft-IIS/10.0
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-id: 4Onjqml9ApXagDFo-P7Emp-kpHVJSl6hgWI-zNvFdEaUh8k0k47InA==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
x-powered-by: ASP.NET

POST
H/1.1 200
Ok / Show response
media5.fc2.com/ Frame F6CF 70 B
388 B 184ms
184ms XHR
application/x-javascript 104.244.99.99
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://media5.fc2.com/
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/js/ajax.module.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.99 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: 39fd8ef8f3d06859bf78bd71e48bc3f31fbfc98ef206e1b42ade98a06851f3be

Request headers

Referer: https://media5.fc2.com/1187/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 19:05:55 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 70
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
Ok / Show response
media5.fc2.com/ Frame 6EBE 70 B
388 B 193ms
192ms XHR
application/x-javascript 104.244.99.99
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://media5.fc2.com/
Requested by: Host: media5.fc2.com
URL: https://media5.fc2.com/js/ajax.module.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.99 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ae47036a6832bce0841a6e4e6e801a00f27f8a5e4eec02baa6ab9ffffaf75e9

Request headers

Referer: https://media5.fc2.com/1188/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 14 Aug 2023 19:05:55 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 70
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.southhaventribune.net
URL: http://www.southhaventribune.net/yahoo_site_admin/assets/images/Miller_WEB.10080613_std.jpg

Domain: mcnair.indiana.edu
URL: http://mcnair.indiana.edu/img/current-students/chavez-ian.jpg

Domain: image.cdnllnwnl.xosnetwork.com
URL: http://image.cdnllnwnl.xosnetwork.com/pics33/800/VS/VSIZAIANZRGNVOO.20151009142942.jpg

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cache.send.microadinc.com/js	1970-01-20 14:00:43	Name: RTUS_STATUS Value: Unknown
.fc2.com/	1970-01-20 23:22:15	Name: __gads Value: ID=7bb4dad133dce13a-22133ef14fde006f:T=1692039943:RT=1692039943:S=ALNI_MbjAKIo5pY-fUnqLn9TCriQlejWBw
.fc2.com/	1970-01-20 23:22:15	Name: __gpi Value: UID=00000d8b1e482593:T=1692039943:RT=1692039943:S=ALNI_MapxLZvDEn42EAjO1mHiddnnPyRGw
.doubleclick.net/	1970-01-20 23:22:15	Name: IDE Value: AHWqTUkjuG_a1f8vYAO4v5olIXM6ZZswuJZP1EJPObxMO_20Q0JD__uRINBUj1iPbUA
.googleadservices.com/	1970-01-20 16:10:15	Name: ar_debug Value: 1
.turn.com/	1970-01-20 18:19:51	Name: uid Value: 8059913406345286081
.mathtag.com/	1970-01-20 14:43:51	Name: mt_mop Value: 4:1692039949
.ctnsnet.com/	1970-01-20 22:46:15	Name: gid_CAESEEajhadNNgV_yBU1mIGSrHo Value: 1
.everesttech.net/	1970-01-20 22:46:15	Name: everest_g_v2 Value: g_surferid~ZNp7DQAAAH4ETgAb
.ctnsnet.com/	1970-01-20 22:46:15	Name: cid Value: d7b6cb04064d4e789b7011b016718201
.adform.net/	1970-01-20 14:45:18	Name: C Value: 1
.agkn.com/	1970-01-20 22:46:15	Name: ab Value: 0001%3AtBg3RzBpjGmgtJ0jJziSWcOdA4Ew0Thb
.quantserve.com/	1970-01-20 16:10:15	Name: d Value: EGsBCQHaKYEA
.quantserve.com/	1970-01-20 23:30:54	Name: mc Value: 64da7b0d-ec727-9da28-91fda
.adform.net/	1970-01-20 15:27:03	Name: uid Value: 4736162831495429922
.doubleclick.net/	1970-01-20 14:00:43	Name: DSID Value: NO_DATA
.innovid.com/	1970-01-20 16:10:15	Name: uuid Value: c252738a-76c3-45cc-b7e3-a25bedec3352-20230814 15:05:50
.agkn.com/	1970-01-20 22:46:15	Name: u Value: C\|0CEAsbTeNLG03jgAAAAABAQ13AQEAAQpAAAAAAA
.w55c.net/	1970-01-20 23:32:20	Name: wfivefivec Value: G3yQpZPc1QvCSW5
.w55c.net/	1970-01-20 14:43:51	Name: matchgoogle Value: 5
.tribalfusion.com/	1970-01-20 16:10:15	Name: ANON_ID Value: aint6Zat3er66AxvPBUpBoRBZalnjO3waMW69AUA1iMUwrQ8DbDwOTmTR5UJY2hCC4nZbOr4KLZafkwgTPTVsdos4JaZcAdgl

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://secularcoalition.info/KmVMGc?default_keyword=cost+of+attendance+university+of+michigan+law+faculty, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://secularcoalition.info/KmVMGc?default_keyword=cost+of+attendance+university+of+michigan+law+faculty, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://localtvwqad.files.wordpress.com/2017/04/promo316932033.jpg?quality=85&strip=all&w=1200 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://mcnair.indiana.edu/img/current-students/chavez-ian.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.woodlandsnaturalhealthcentre.co.uk/wp-content/uploads/2011/10/NicholaSaundersLeaflet_inside.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://image.cdnllnwnl.xosnetwork.com/pics33/800/VS/VSIZAIANZRGNVOO.20151009142942.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmS1RIYgiQfWYiGb31_jrjH7KKETtBthkmKU39vSN_oGH1_bV_kwqfLyuQJWdyGFBuo_QNxTysq0fhpkBdG0bA2-vhnNQHGFg1Lf&google_gid=CAESEE-7XbxgCjwKDFqgrDPt3h8&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ag.innovid.com
audiencedata.im-apps.net
c1.adform.net
cache.send.microadinc.com
cdn-fluct.sh.adingo.jp
cdn.shopify.com
clients1.google.com
cm.g.doubleclick.net
cms.quantserve.com
cse.google.com
d.agkn.com
dclk-match.dotomi.com
dis.criteo.com
dmp.im-apps.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.adingo.jp
id.rlcdn.com
image.cdnllnwnl.xosnetwork.com
ius.ctnsnet.com
j.microad.net
jgl.microad.net
lanterman.web.fc2.com
localtvwqad.files.wordpress.com
match.adsrvr.org
mcnair.indiana.edu
media.fc2.com
media5.fc2.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
pm.w55c.net
r.turn.com
s-rtb.send.microadinc.com
s.tribalfusion.com
s3.india.com
secularcoalition.info
sh.adingo.jp
spcdnpc.i-mobile.co.jp
spdeliver.i-mobile.co.jp
spsvcpc-tls.i-mobile.co.jp
ssp-bidapi-n1.i-mobile.co.jp
ssp-bidder.i-mobile.co.jp
ssp.send.microadinc.com
static.fc2.com
storage1000-textad.fc2.com
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
syndication.twitter.com
textad.fc2.com
tpc.googlesyndication.com
vip.chps-api.fc2.com
ww1.secularcoalition.info
www.cusys.edu
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.southhaventribune.net
www.woodlandsnaturalhealthcentre.co.uk
x.bidswitch.net
xid.i-mobile.co.jp
image.cdnllnwnl.xosnetwork.com
mcnair.indiana.edu
www.southhaventribune.net
104.244.42.200
104.244.99.107
104.244.99.169
104.244.99.54
104.244.99.67
104.244.99.99
130.211.14.194
14.0.41.202
142.250.186.34
151.101.130.49
178.250.1.9
18.177.216.241
185.29.134.248
192.0.72.20
199.48.209.213
199.59.243.224
2001:678:cb4:bbbb::11
202.233.84.10
202.233.84.9
204.228.68.58
23.227.60.200
23.32.185.35
2600:1901:0:e207::
2600:9000:2248:d400:1f:2964:4340:93a1
2600:9000:2251:3800:c:2040:40c0:93a1
2600:9000:2611:fc00:1d:4ba6:de80:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6812:19ad
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a02:2638:d::d
2a02:26f0:480:23::1726:62b4
2a02:26f0:480:25::1726:620a
2a02:3d0:6:a000::3
2a02:fa8:8806:20::2010
2a05:d01c:1d8:8100:52d1:b8b3:a311:ae99
3.120.29.172
3.33.220.150
35.186.193.173
35.244.174.68
37.157.3.20
52.210.224.221
52.28.179.48
52.84.174.105
54.150.85.237
54.178.43.249
92.205.2.206
94.229.72.123
00f7775e1089b06453912c640ff0bbfe8fe47aa0cf3234347332fc4479b0a727
07d241ae62c2c40e9c20c169b35cf9bda9b3e99cba1e5ad4f86351364156c290
08594aa8f6b8760ac36e53b99ddd70973dfc79447a1fc993a746ac975bd64565
0a87ba00eee82758c065fb6b0a604e671c9b39f6ea918bdc0a31dc44fb8ad9ad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1040689021bc0fa1dbb2989807fc5798ff2bce16a7d7a1bcf648593ea8be4027
11067491713debe19cce15506683109c51960927313cb761259868995bd6410b
11d43f773096fd0cac2f100440e3bc4f6bf8ab50e171c8f734ab9dd71c35c2f1
127651ddf2e9c64d57819913ae2d95cede11604372d15f9dba49b4ddc848632a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1b786a6f63e1e7fdb6c1e3ed5540e42525ef8a8f2201dbe6edcf34c684e9f83f
1cb7cab5eb7626900d579c45c233bfb4e09b2e262f0c9bc31c90641dd5e6c714
1e560ff025fb7a37f6ef93d80f90f336741b83316fc4a2c5fdeec023c8ddb7a0
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734
26959420ff63fa61ceda84d3a420d0fb456221556aafd0ee0a7bcbdd9d1745a9
29d66372a3c96dcd72388bd1bc1d1e69d704c97b9a35dbf2b231b64a7e0e80d8
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f1062b5e1af2cc8a151377ca403596d9c62d3a11512d8d7cc821945c5329929
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d8a246b4ec27f114c453b9d4ef714538bc6e3b3c76b9f46d63a67950144930
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
39e1977469da6d637f1de88bdb191081fb9d3081b5c6d403010dffc3d3121d03
39fd8ef8f3d06859bf78bd71e48bc3f31fbfc98ef206e1b42ade98a06851f3be
3a6b3996ce3a1200e3b494ed37f4e7f665ddff1faedf145bdef17a51546b0998
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ae47036a6832bce0841a6e4e6e801a00f27f8a5e4eec02baa6ab9ffffaf75e9
3afca5001b290bb09b9b371385e12e24044a65eb613cb2928394a2ad0ea760d2
3bca5990a07b3dc4fde2d6205ffb47d8b3edbe229390491f2071e4aace15f0e8
3c8408b40044e883fc448e7cb39357a3ba58dbaff7048853d138bb790d1e2961
3efb0b5415cbf1a3f33a5b4b3254a0b11ccb6afd8a5a187cb498d90ffe8cf529
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
404b9260afb4ca4d67d51bc3ab9c58e6d139d47f9c1218a78ecac1492e0e3002
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
4443b2517b8e1fe588237d126191ab9b111db65f025ac020776a4780ea732da8
45cfa9780ba1e60cee8743e7e63666d843082ba30e58b8242644bbfb1f1b5aa3
4790387f5e413c5e17a0cc8e4eec33a8aad791ebd6f81b9c5a608633044693c4
487f9c94cb6252b4166decfc3ac738aa98e251256a3cafd9f569c18ae02ac821
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f22662c995e8bf36b9b76625be1c6df0e68b8bff087b2cac8d0b39fc6852c11
5418099638a4254357bb7cce19129d2f64e94dd7ffa76e793c37cf2f5e75d871
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a0df713b4660ba39052ceadce6b19b9945dcc2b8aecea57d84816524eb38b14
5b207e7767f10ca66eaedbaee7e5023f9c55176e70d64fcaabf58656622d5513
5b20a3e55eda8ed582681eb9a05069aaaf5da9c12d9b9d6769cfc05ebb539993
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
611a81747d7d108c022ef7aeae2ed759d23d62438d14378732be76702bed4eb0
66198540a512f041dd647ffd3e1f04e0c1d63957b7d8c93761b49920b7e5c70f
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
7320a35f8f5fbfd28be89b5588d9cee9dbdbd09151d4ce002da3fce47140e163
79d9baba45507f98ae7d87a88586ebba5c4fb5e5cea5e0d167764904b7963484
7cccd8f78bd73c79f1281052eb4c9bdf6f38386fca206da9954fdf24ab0784af
863395d0e38e9c9c42ff78d3c7ecaf11f3423b5734ccf09cf08e0331f444fbbe
8aaaccc6cca0dc29a1019cbdb983a6b546648a09cca0e31f4751ed4ce0073258
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9388dd37ae7fea9efaa35636146ebf0f8d09d99a02f9881f8da44f23848d5c11
94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
9917ac63c414a96b87415dcfe85a3c682029fab1128055606045e4c06b01cc5b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cb240cb9165f46a39ee0b363ceae251825e1d1509e522c02ec7b280fc1ac145
9cf26fb9689fd8a0cca272392d51ec09f0bb015df6ca4301834f56336cdfbbb5
9d9f44ba07e71df2f22693694583c35883be2fc3c2c2473d7cce521a039752e4
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a2ec2d1fb0f4ceee0c2038971aa1a0f804c0389d55d9ec80342ef23adde9ede6
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
a7b107acc3ab255e0ea6f7453025a5318c5f8949190121b234c3a495bf333774
a7dc84af572a7ed5756c3c6d32d3c8ba09df03653d3df6daa5651105dc0d6552
aa7469f638262821f7ff37616788f67addec2140d47b6d4396a98d0e11391e80
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab54017c0444167aa0373b35754d99768c225d38796dd834057dcd0341f42a00
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cf9494979497e2751b2b9933adb75ca049dbd1c9ee21a9981c630a83061cf1
b7dad492260920af7d4a7996d2d662cca8f0d8aebef97c420eb89e5b4fc2cc9b
b7f62f924ea7b82ad409df09417c32e7ace002d292675841dcfeeecc28a25925
b8666b6a7bda5ea0466128485e57eb867e069582c3709bde90ec39f88d467d0a
bac62b9a825a47764961c656e99d737ad97e9dfe8f1480607c652b284a1131c5
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
be00c6b021883cb1684551714783bace4a657281ebdf833b2a5ff8a56e206bd0
c6c572a51db4b19008dfcde69a5aab55e9cdbce88c99c7ad02f4d44eb939c681
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
cb8aa63b3f73eb99a9f475b1bd8235a6ece0c5051a1cbef6fa5f9df8a208f48a
d177fcf781f78f722b0f5f59056affa6f9db376e9fe22167fc41efeedacb70e9
d1b526c5b87c80b5d6b9ec64df85a97e40578e2cd3c91f2f039a0709b1eb02ac
d259b350459537f1c9a14fdda9a0e8b75d8840d6fa57518782b77ed18b607930
d4e38a51951999e9847ee305ad2eb73ca98f4d367fa5f92351e6c67312738b76
d5280d87baee55df453debab6d2cf4079a730388c6773369fffa6c44ce9f159c
dbc812bb5d310e92d3e8dc0233e53bb0e6847fbf4af65f51667e1fec79ca39ba
dc0415f9a4ba9d5d76a774350a5fb0cda2622e7aaa70ba6c6c5e93a7fa3bd7a3
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
deb450f15cb3228d444d35174564331f60a88e39ae2e6390e3556b529b455421
e06a517c8ef78e142c00c1217c5a3e48c1c31dd55813530c225763ecf688b92f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4
e6a76ef29fdb4d48ff520b42bb652deaf71352988ae9e4e5aca900c759a81722
e90f6b678b2f030caab438c18a9682c81b824f5b829cf9e436065c11bf293193
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f25418cc9ae5f313ac1404361d37cdc9f96c246e7c4b4ff78ea24b7178028ce6
f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f82333103a1080f1da5da0c384159e0f10307305ea2b611289285f3da136c0f2
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f82eeb7d741fcdd22be2f05939c7196ba620b539243541c6a56ab6cd62462613
f9dcd0e06cbb963310011e8e6ab202bc9647754902e51f72ba396426752c9708

lanterman.web.fc2.com Open in urlscan Pro 104.244.99.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

213 Requests

75 %HTTPS

43 %IPv6

39 Domains

67 Subdomains

52 IPs

9 Countries

2774 kBTransfer

5909 kBSize

21 Cookies

13 Outgoing links

Redirected requests

213 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lanterman.web.fc2.com Open in urlscan Pro
104.244.99.169 Public Scan

Screenshot
Live screenshot

Full Image

213
Requests

75 %
HTTPS

43 %
IPv6

39
Domains

67
Subdomains

52
IPs

9
Countries

2774 kB
Transfer

5909 kB
Size

21
Cookies

213 HTTP transactions
4 data transactions