mix.pendrawing.work Open in urlscan Pro
153.120.99.232 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://mix.pendrawing.work/
Submission: On May 20 via manual (May 20th 2022, 7:43:42 pm UTC) from US — Scanned from JP

Summary HTTP 295 Redirects Behaviour Indicators

Summary

This website contacted 48 IPs in 9 countries across 43 domains to perform 295 HTTP transactions. The main IP is 153.120.99.232, located in Japan and belongs to SAKURA-A SAKURA Internet Inc., JP. The main domain is mix.pendrawing.work.

This is the only time mix.pendrawing.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	153.120.99.232 153.120.99.232	7684 (SAKURA-A ...) (SAKURA-A SAKURA Internet Inc.)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
26	133.167.7.2 133.167.7.2	9371 (SAKURA-C ...) (SAKURA-C SAKURA Internet Inc.)
26	142.250.196.130 142.250.196.130	15169 (GOOGLE) (GOOGLE)
18	104.71.157.62 104.71.157.62	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
18	14.0.42.24 14.0.42.24	54994 (QUANTILNE...) (QUANTILNETWORKS)
18	202.233.84.3 202.233.84.3	131957 (MICROAD M...) (MICROAD MicroAd)
1	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2404:6800:400... 2404:6800:4004:825::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:813::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:826::2001	15169 (GOOGLE) (GOOGLE)
18	202.233.84.16 202.233.84.16	131957 (MICROAD M...) (MICROAD MicroAd)
9 14	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
1 2	103.71.26.126 103.71.26.126	132134 (SPOTX-AS-...) (SPOTX-AS-AP SpotXchange)
9	130.211.14.194 130.211.14.194	15169 (GOOGLE) (GOOGLE)
9	54.199.239.233 54.199.239.233	16509 (AMAZON-02) (AMAZON-02)
8	2404:6800:400... 2404:6800:4004:810::2002	15169 (GOOGLE) (GOOGLE)
9	54.92.2.218 54.92.2.218	16509 (AMAZON-02) (AMAZON-02)
18	13.33.174.20 13.33.174.20	16509 (AMAZON-02) (AMAZON-02)
3	18.180.182.210 18.180.182.210	16509 (AMAZON-02) (AMAZON-02)
2 12	13.113.134.169 13.113.134.169	16509 (AMAZON-02) (AMAZON-02)
9	54.64.59.131 54.64.59.131	16509 (AMAZON-02) (AMAZON-02)
2	23.44.52.240 23.44.52.240	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 5	202.232.238.37 202.232.238.37	2497 (IIJ Inter...) (IIJ Internet Initiative Japan Inc.)
1 1	124.146.215.6 124.146.215.6	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
5 5	202.131.200.84 202.131.200.84	17941 (BIT-ISLE ...) (BIT-ISLE Equinix Japan Enterprise K.K.)
2 2	202.131.200.82 202.131.200.82	17941 (BIT-ISLE ...) (BIT-ISLE Equinix Japan Enterprise K.K.)
1 1	13.230.12.163 13.230.12.163	16509 (AMAZON-02) (AMAZON-02)
12 12	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
8	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
2 2	18.177.59.67 18.177.59.67	16509 (AMAZON-02) (AMAZON-02)
4 4	99.84.128.29 99.84.128.29	16509 (AMAZON-02) (AMAZON-02)
3 6	142.251.42.130 142.251.42.130	15169 (GOOGLE) (GOOGLE)
4 4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	119.63.198.176 119.63.198.176	38627 (BAIDUJP B...) (BAIDUJP Baidu)
8	3.114.252.10 3.114.252.10	16509 (AMAZON-02) (AMAZON-02)
1	103.231.99.243 103.231.99.243	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	13.225.173.36 13.225.173.36	16509 (AMAZON-02) (AMAZON-02)
10	103.231.99.80 103.231.99.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	103.229.206.241 103.229.206.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	182.161.74.16 182.161.74.16	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2 2	54.248.187.209 54.248.187.209	16509 (AMAZON-02) (AMAZON-02)
1 2	119.9.108.180 119.9.108.180	45187 (RACKSPACE...) (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong)
1 2	13.213.158.231 13.213.158.231	16509 (AMAZON-02) (AMAZON-02)
1	161.202.200.115 161.202.200.115	36351 (SOFTLAYER) (SOFTLAYER)
1 2	202.241.208.55 202.241.208.55	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1 1	52.220.229.2 52.220.229.2	16509 (AMAZON-02) (AMAZON-02)
1 2	2406:da18:929... 2406:da18:929:5a01:a378:6e6:f85f:9802	16509 (AMAZON-02) (AMAZON-02)
2 3	18.178.22.21 18.178.22.21	16509 (AMAZON-02) (AMAZON-02)
2	103.231.99.81 103.231.99.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.84.60.21 185.84.60.21	198622 (ADFORM) (ADFORM)
2 2	103.43.90.117 103.43.90.117	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	23.36.110.226 23.36.110.226	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.10.15.201 23.10.15.201	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.40.192.26 23.40.192.26	16625 (AKAMAI-AS) (AKAMAI-AS)
4 9	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
4	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
2 3	209.54.180.3 209.54.180.3	16509 (AMAZON-02) (AMAZON-02)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	2406:2000:a4:... 2406:2000:a4:9fe::	10230 (YAHOO-SG ...) (YAHOO-SG internet content provider)
1 2	52.95.126.138 52.95.126.138	16509 (AMAZON-02) (AMAZON-02)
2 2	52.193.147.183 52.193.147.183	16509 (AMAZON-02) (AMAZON-02)
3	2404:6800:400... 2404:6800:4004:821::2002	15169 (GOOGLE) (GOOGLE)
295	48

10 153.120.99.232 (Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)

mix.pendrawing.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 133.167.7.2 (Osaka, Japan)

ASN9371 (SAKURA-C SAKURA Internet Inc., JP)

wtag.estlier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.196.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.71.157.62 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-71-157-62.deploy.static.akamaitechnologies.com

j.microad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 14.0.42.24 (Osaka, Japan)

ASN54994 (QUANTILNETWORKS, US)

cache.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 202.233.84.3 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

s-rtb.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:4::b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:825::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:813::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:826::2001 (Australia)

ASN15169 (GOOGLE, US)

f7bbcc7f11035f8e667ee7fc840ea556.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 202.233.84.16 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

ssp.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 202.233.84.1 (Japan) 9 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.71.26.126 (Singapore, Singapore) 1 redirects

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 130.211.14.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.14.211.130.bc.googleusercontent.com

cdn-fluct.sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.199.239.233 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-239-233.ap-northeast-1.compute.amazonaws.com

sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4004:810::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.92.2.218 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-92-2-218.ap-northeast-1.compute.amazonaws.com

i.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 13.33.174.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-174-20.nrt57.r.cloudfront.net

js.ad-stir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.180.182.210 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-182-210.ap-northeast-1.compute.amazonaws.com

bigmining.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.113.134.169 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-134-169.ap-northeast-1.compute.amazonaws.com

cs.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.64.59.131 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-59-131.ap-northeast-1.compute.amazonaws.com

ad.ad-stir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.44.52.240 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-52-240.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 202.232.238.37 (Minato-ku, Japan) 2 redirects

ASN2497 (IIJ Internet Initiative Japan Inc., JP)

sync.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.6 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

bid.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 202.131.200.84 (Japan) 5 redirects

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)

sync-dsp.ad-m.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.131.200.82 (Japan) 2 redirects

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)

sync-tapi.admatrix.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.230.12.163 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-230-12-163.ap-northeast-1.compute.amazonaws.com

bypass.ad-stir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.213.12.39 (Tokyo, Japan) 12 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.177.59.67 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-59-67.ap-northeast-1.compute.amazonaws.com

api.primecaster.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.84.128.29 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-128-29.nrt57.r.cloudfront.net

cr-p20.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cr-pall.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.42.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.176 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

discoveryplus.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.114.252.10 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-252-10.ap-northeast-1.compute.amazonaws.com

aud.adjust-net.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.231.99.243 (Japan)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.173.36 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-173-36.nrt57.r.cloudfront.net

cr-p10.ladsp.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 103.231.99.80 (Japan)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.206.241 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.74.16 (Singapore) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.248.187.209 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-248-187-209.ap-northeast-1.compute.amazonaws.com

ds.uncn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 119.9.108.180 (Central, Hong Kong) 1 redirects

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.213.158.231 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-158-231.ap-southeast-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 161.202.200.115 (Tokyo, Japan)

ASN36351 (SOFTLAYER, US)
PTR: 73.c8.caa1.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.241.208.55 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.220.229.2 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com

cm-supply-web.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:da18:929:5a01:a378:6e6:f85f:9802 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.178.22.21 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-22-21.ap-northeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.231.99.81 (Japan)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.84.60.21 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.43.90.117 (Singapore, Singapore) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.110.226 (Tokyo, Japan) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-110-226.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.10.15.201 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-10-15-201.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.40.192.26 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-192-26.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 8.39.36.141 (Los Angeles, United States) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.158.64 (Singapore, Singapore) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-apac.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 202.233.84.8 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.180.3 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2000:a4:9fe:: (Taiwan)

ASN10230 (YAHOO-SG internet content provider, SG)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.126.138 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.193.147.183 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-147-183.ap-northeast-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:821::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	microad.jp 9 redirects cache.send.microad.jp — Cisco Umbrella Rank: 116876 s-rtb.send.microad.jp — Cisco Umbrella Rank: 187693 ssp.send.microad.jp — Cisco Umbrella Rank: 191178 aid.send.microad.jp — Cisco Umbrella Rank: 4002 s-cs.send.microad.jp — Cisco Umbrella Rank: 20358	101 KB
39	adingo.jp 2 redirects cdn-fluct.sh.adingo.jp — Cisco Umbrella Rank: 88122 sh.adingo.jp — Cisco Umbrella Rank: 44888 i.adingo.jp — Cisco Umbrella Rank: 61962 cs.adingo.jp — Cisco Umbrella Rank: 3818	65 KB
32	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	226 KB
28	ad-stir.com 1 redirects js.ad-stir.com — Cisco Umbrella Rank: 103719 ad.ad-stir.com — Cisco Umbrella Rank: 113980 bypass.ad-stir.com — Cisco Umbrella Rank: 64664	163 KB
26	estlier.net wtag.estlier.net	21 KB
18	microad.net j.microad.net — Cisco Umbrella Rank: 80097	453 KB
17	rubiconproject.com 8 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1146 eus.rubiconproject.com — Cisco Umbrella Rank: 556 token.rubiconproject.com — Cisco Umbrella Rank: 692 pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 28148 pixel.rubiconproject.com — Cisco Umbrella Rank: 354	28 KB
15	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 439 image6.pubmatic.com — Cisco Umbrella Rank: 612 simage2.pubmatic.com — Cisco Umbrella Rank: 606 image2.pubmatic.com — Cisco Umbrella Rank: 932 image4.pubmatic.com — Cisco Umbrella Rank: 875 simage4.pubmatic.com — Cisco Umbrella Rank: 1170	29 KB
12	bidswitch.net 12 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	5 KB
10	pendrawing.work mix.pendrawing.work	229 KB
8	adjust-net.jp aud.adjust-net.jp — Cisco Umbrella Rank: 119770	393 B
8	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 947	1 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	332 KB
6	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 485 ups.analytics.yahoo.com — Cisco Umbrella Rank: 297 ads.yahoo.com — Cisco Umbrella Rank: 1156	3 KB
5	amazon-adsystem.com 3 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 278 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1187	4 KB
5	ad-m.asia 5 redirects sync-dsp.ad-m.asia — Cisco Umbrella Rank: 3051	2 KB
5	fout.jp 2 redirects sync.fout.jp — Cisco Umbrella Rank: 48480	2 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 338	2 KB
4	ladsp.com 4 redirects cr-p20.ladsp.com cr-pall.ladsp.com — Cisco Umbrella Rank: 3563	2 KB
4	googlesyndication.com f7bbcc7f11035f8e667ee7fc840ea556.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95	4 KB
3	socdm.com 2 redirects bid.socdm.com — Cisco Umbrella Rank: 3917 tg.socdm.com — Cisco Umbrella Rank: 1802	3 KB
3	bigmining.com bigmining.com — Cisco Umbrella Rank: 359047	1 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 393 dis.criteo.com — Cisco Umbrella Rank: 725	1 KB
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 435	770 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 240	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 571	1 KB
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 721	853 B
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1171	1 KB
2	uncn.jp 2 redirects ds.uncn.jp — Cisco Umbrella Rank: 18340	852 B
2	primecaster.net 2 redirects api.primecaster.net — Cisco Umbrella Rank: 240531	650 B
2	admatrix.jp 2 redirects sync-tapi.admatrix.jp — Cisco Umbrella Rank: 73991	949 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 518	1 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 598	449 B
1	media.net hbx.media.net — Cisco Umbrella Rank: 1514	645 B
1	gammaplatform.com 1 redirects cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 5593	736 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 826	613 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 444	726 B
1	ladsp.jp 1 redirects cr-p10.ladsp.jp — Cisco Umbrella Rank: 163642	311 B
1	popin.cc discoveryplus.popin.cc — Cisco Umbrella Rank: 63875	461 B
1	google.com adservice.google.com — Cisco Umbrella Rank: 74	549 B
1	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 41730	792 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 660	30 KB
0	everesttech.net Failed sync-tm.everesttech.net Failed
295	43

	Domain	Requested by
26	securepubads.g.doubleclick.net	wtag.estlier.net securepubads.g.doubleclick.net mix.pendrawing.work www.googletagservices.com
26	wtag.estlier.net	mix.pendrawing.work j.microad.net securepubads.g.doubleclick.net
18	js.ad-stir.com	j.microad.net mix.pendrawing.work
18	ssp.send.microad.jp	mix.pendrawing.work
18	s-rtb.send.microad.jp	j.microad.net
18	cache.send.microad.jp	j.microad.net
18	j.microad.net	wtag.estlier.net sh.adingo.jp
14	aid.send.microad.jp	9 redirects j.microad.net mix.pendrawing.work
12	x.bidswitch.net	12 redirects
12	cs.adingo.jp	2 redirects mix.pendrawing.work ads.pubmatic.com
10	mix.pendrawing.work	mix.pendrawing.work
9	ad.ad-stir.com	js.ad-stir.com
9	i.adingo.jp	mix.pendrawing.work
9	sh.adingo.jp	cdn-fluct.sh.adingo.jp
9	cdn-fluct.sh.adingo.jp	wtag.estlier.net
8	simage2.pubmatic.com	ads.pubmatic.com
8	aud.adjust-net.jp	mix.pendrawing.work
8	odr.mookie1.com	mix.pendrawing.work
8	www.googletagservices.com	securepubads.g.doubleclick.net
6	cm.g.doubleclick.net	3 redirects mix.pendrawing.work eus.rubiconproject.com
5	token.rubiconproject.com	3 redirects eus.rubiconproject.com
5	sync-dsp.ad-m.asia	5 redirects
5	sync.fout.jp	2 redirects mix.pendrawing.work sh.adingo.jp
4	pixel.rubiconproject.com	1 redirects eus.rubiconproject.com
4	s-cs.send.microad.jp	eus.rubiconproject.com mix.pendrawing.work
4	eus.rubiconproject.com	j.microad.net eus.rubiconproject.com
4	match.adsrvr.org	4 redirects
3	pagead2.googlesyndication.com	www.googletagservices.com
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	ups.analytics.yahoo.com	2 redirects mix.pendrawing.work
3	bigmining.com	mix.pendrawing.work
2	pixel.advertising.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects eus.rubiconproject.com
2	pixel-apac.rubiconproject.com	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	ib.adnxs.com	2 redirects
2	c1.adform.net	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	tg.socdm.com	1 redirects mix.pendrawing.work
2	image2.pubmatic.com	ads.pubmatic.com
2	sync.crwdcntrl.net	1 redirects ads.pubmatic.com
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	ds.uncn.jp	2 redirects
2	dis.criteo.com	1 redirects ads.pubmatic.com
2	cr-pall.ladsp.com	2 redirects
2	cr-p20.ladsp.com	2 redirects
2	api.primecaster.net	2 redirects
2	sync-tapi.admatrix.jp	2 redirects
2	ads.pubmatic.com	sh.adingo.jp ads.pubmatic.com
2	sync.search.spotxchange.com	1 redirects mix.pendrawing.work
1	simage4.pubmatic.com	ads.pubmatic.com
1	ads.yahoo.com	eus.rubiconproject.com
1	id.rlcdn.com	eus.rubiconproject.com
1	hbx.media.net	mix.pendrawing.work
1	image4.pubmatic.com	ads.pubmatic.com
1	cm-supply-web.gammaplatform.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	cr-p10.ladsp.jp	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	discoveryplus.popin.cc	mix.pendrawing.work
1	bypass.ad-stir.com	1 redirects
1	bid.socdm.com	1 redirects
1	f7bbcc7f11035f8e667ee7fc840ea556.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.jp	securepubads.g.doubleclick.net
1	gum.criteo.com	cache.send.microad.jp
1	code.jquery.com	mix.pendrawing.work
0	sync-tm.everesttech.net Failed	ads.pubmatic.com
295	69

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
jpssl.cdngc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-25` - `2022-07-20`	a year	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
cdn-fluct.sh.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2021-09-27` - `2022-10-14`	a year	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-04-06` - `2023-04-14`	a year	crt.sh
*.ad-stir.com AlphaSSL CA - SHA256 - G2	`2021-11-10` - `2022-12-12`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.fout.jp RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-01-20` - `2023-02-20`	a year	crt.sh
*.adjust-net.jp Starfield Secure Certificate Authority - G2	`2022-04-12` - `2023-05-07`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh

This page contains 74 frames:

Primary Page: http://mix.pendrawing.work/
Frame ID: 11074632661CF738561C2EC5FB4CB2B1
Requests: 37 HTTP requests in this frame

Frame: https://cache.send.microad.jp/js/cookie_loader.html
Frame ID: B365A7A49D30C5DC058CF8227DE809F5
Requests: 2 HTTP requests in this frame

Frame: https://f7bbcc7f11035f8e667ee7fc840ea556.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D883DBE1F7697487D7CBC9E47A92DF02
Requests: 1 HTTP requests in this frame

Frame: http://wtag.estlier.net/tagapi1.0/13417/ba/2/
Frame ID: A6B234060C501A438EE1FAC38FEFBECF
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9Y9kym9LA3zwAHSmWBvKuVhri4W5Y3-flp5IWWLo-8iXudC6G2v9thPDdtVmNaqPzyTR2Z-_WuRDqQUKfNACQaJY69O76bXDNUYCC2O9pn2TTqSdRveN73-wgeZTHmu3alckrtd6fCZX_edLtO7docq_wHwfZtWhcD5bkzSnkvkKDqMaBvCoXMAmmxwtX8f2SaOg8DawjalCUzMkTn5i2wKnoxMb3B5I6kJsIDt_ZgwSQvln2zaWx3TNtaBGFjHbYK-OZjVgbkuTxV3Sw9dUwAC_PyN4oifQpkwHTimPjn4YuHuStMh-v&sai=AMfl-YQYzilJ7Egn8aFD2Xwk6k3rfzHBeFu51ODsuRnnwq7FLNeZBCPQFaALO3SCLst05AvmFCcp3cLGiTV3rRE5W87yYw_oDzt3wNeLw6EZTO6AXroJa-6YifaHgZQun1dO&sig=Cg0ArKJSzKms8yE9ftD4EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A4BF84807DEBD1A165F09D6EF49FC894
Requests: 8 HTTP requests in this frame

Frame: http://j.microad.net/js/compass.js
Frame ID: C379D4E65E1489348E791545FF111D9F
Requests: 5 HTTP requests in this frame

Frame: https://cache.send.microad.jp/js/cookie_loader.html
Frame ID: E3719BB6D7AE430F3920955676005AA0
Requests: 1 HTTP requests in this frame

Frame: https://cache.send.microad.jp/js/cookie_loader.html
Frame ID: 6D710B7ADD4D43C04EF257ECA9E70A75
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsur_vwIYvVqUZ-lTk-rJNt2OqLJ5i4y6sQ9QnIjpUYv1y98Yshsp1Wn71ug2aZqrrkThulHXw_W3HKvpEMfvKZw7TZJUc-vFvvzS7GZ2H_PSgEX0Yrk7Ri_9NpgwfWQZWNrHhVpOQYoNSze4J_2E14jNWKvuXmaqhcOdHJwXIX42s06fUK8aqCO9YIfu6PIBB-RB4f7tb52PfB1DZn7bL6FK7S-5SmYd9y5N1No6cuzXxuh_ni0YdNG6QkiEdRIH6Tsxr8bAX9RwpGROIE1u-uHcMNBnAeBoZ6QKqgY5-Kpsot_0W0rIov3&sai=AMfl-YR_kV8XWG8-3IEweUhbHFK8G_dPx1aVAUvUXwLyLsSinTMEjc3slbu3-3xr_-MVDfdHSTWmqD28_pmHiwFUZRXvdk7Zz3NAl6z0zJwhJZycLqKfUrOt_V43BKCxj5hc&sig=Cg0ArKJSzJ9Kq5_Ol5-lEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 44C951E93E9007C21CFF18258AEBD147
Requests: 9 HTTP requests in this frame

Frame: https://cache.send.microad.jp/js/cookie_loader.html
Frame ID: 18ADDF3DDBC6C2586893B25CE14F0DC3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxqLaJuEsm3LjayLk2478BFcJ0hMkFSBiEazyHz8-JREegMWhQCwD-5dlv_IL3VBTRjfMVUYB6WksA7Tv4QR42xDb8x3lZ9XzLLIR96N8MyIsaZ78rE3BVZ7p0m_lKJgarPZ-X-2_v8gWNRxaKT1QIuI8AB5pzcoDnOu7Lke56FQ1BIP_DWF86p6diCts81QGMWF7pbb1nnszTNhv3F4Ws5krEK0YzBbTwp-sSHD0-kzOLMzISsIHDyk_Xa9ot81jPYSbijwsWS20ilTuoxiD6P21RZ0PWoZjanciXkBdmGGDOulby28mY&sai=AMfl-YRm7HDxs2qeDmM1oVd_rDO_CrsU5sRLq3eKQnMOLckiQIkf_HvXwjJB6r1e_hFwnYNnJob5scEH8cKi7luAxv8iG9lZ_19Zibmj-sskI1pK08SeIoYN07zSvY53cNs2&sig=Cg0ArKJSzDgn7AmFPAfxEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B1E21B309F9BBCA8F0C12C3DE4ACE540
Requests: 10 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/adstir.js
Frame ID: C3A8CE4503ED03ADAA76411BDFF2B57E
Requests: 2 HTTP requests in this frame

Frame: https://cache.send.microad.jp/js/cookie_loader.html
Frame ID: 3A2CC0CF7F570039AEB426F8B5374E5F
Requests: 1 HTTP requests in this frame

Frame: http://wtag.estlier.net/tagapi1.0/13415/b3/2/
Frame ID: 029F1AE2A4BBEF8CB19B729DB0EAADCB
Requests: 15 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/load_adstir_optout.html?url=http://mix.pendrawing.work/
Frame ID: 13AF36EEAA9732E8CBC2802AC9A98424
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Frame ID: 57429EEF10631959B9E4642480DA5DDD
Requests: 15 HTTP requests in this frame

Frame: http://j.microad.net/js/compass.js
Frame ID: 497D8E32B2ECD5BDF6FF9F3AA8DB3177
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfBbXijoyoUwRxRpxEz60I-uAIJ3hojZAXlHQWhf50EMBuvCZGo6TIXOHRKjo0f4G6mqsbsletrarxzBoaDocjs9LmgSl629AgSB2I6eFirzPLplUQGR1f99vdujcrk-tJL6Z2XXVhs_49LLBuXYMWVnV19M1-GaWo70EiqA4WExx5HuRmV8V1zObcaubDeyW3z3nAtC_jofWATVivHrmNGGBdJ6Vx4D6g84TLU4G43CwfKGZZ2FjuW_3g5RmtfPt27_UVkb2SJ9O-e2AJ_yzgd6UPl-B5dfTBF4N55quSKLA7Qpc16a6N&sai=AMfl-YRRmpsHVK77LGF1cYyjC-Z5jTNaOf2j3fOTabjr5PCaU6pxpLjsyJ_79P9RBm6_g2win-h6mUlI99L2ldJCyhdIqiL_e3NDYp0XQgnMUU9-mCvfcvaa17YrOnI6zgthufw&sig=Cg0ArKJSzGaloWoP4HwMEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EB38303DB14A4D22706C001760952F93
Requests: 11 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AYXbr6nlWFpKks8ADsLzWLkgms8AAAGA4v8x8A
Frame ID: A78BEB200F8EFB78183253E4B86C55E4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b8006287-ef69-4400-9381-a9cfbd985022&gdpr=0&gdpr_consent=
Frame ID: 9548C6FDCC2470E3A1C55202890CACE3
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: F7705EDBC6CB86DDBDC52D845BE8027F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_3418df40-eea4-46d3-85be-2b69733ba06d
Frame ID: 027C44ACD07C2F991FF1F37AA2B0EBEB
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 0D0DCE585591AB356B73ABB09C1A141F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=2w3u91dYnty
Frame ID: 18A13B354F3A27B5FA4B5DAE524C571D
Requests: 1 HTTP requests in this frame

Frame: https://cs.adingo.jp/sync/?from=pubm&id=4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4
Frame ID: 7BEBF3309D4ED368D7B181410C5AEC92
Requests: 1 HTTP requests in this frame

Frame: http://wtag.estlier.net/tagapi1.0/13416/6c/2/
Frame ID: 3138BD1F5DFFD6951A0AC43C3B7D5324
Requests: 7 HTTP requests in this frame

Frame: https://cache.send.microad.jp/js/cookie_loader.html
Frame ID: B0E8E412EDA4F8728B98BDC559CDA519
Requests: 1 HTTP requests in this frame

Frame: https://cache.send.microad.jp/js/cookie_loader.html
Frame ID: 56A325919CA41920BC0B30A532F5FAB8
Requests: 1 HTTP requests in this frame

Frame: http://wtag.estlier.net/tagapi1.0/13413/f0/2/
Frame ID: C7C851899099645008FD1BADBEDA382E
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss15mktDoTZHCSrNQPbAJaMToSgxHeOP2h5gWO_-G1ajn9GmaYDrmfsgqpjI_28SZ7SwwiPezvi0GI9s6GHLuUOlalEjRuDjK2_1haD6Ht5f8UEydP3Ergr77NifJEykx8t4d8fJZ0I2mfm-tHrr1CnuJQUO4Ve4QjwQs37RkYxWafZiNzF9e6Ei4DFalOC10tJh-OmcoGa2ERVHQ0TiZIKjA8N-01_rjifUBzl8gmmqneP--vZDV-y_hcgOj3qUW9FkFP8xj1ZTvXqb3sH_OgcNph-L-osL2xH8-W7Cd7Q8ZY0HKifmlRu&sai=AMfl-YTmCaOcYig8dxdqErXYT1D_SubMR8jFI0Zy47KA82vanEvZ9P5Gg8BmwlYVZglqzyYjAosSrudBFGm7r2WRvGC3-LMidluv7spiAeRAmGxcodhdGXxiqqwj32ex7G1r&sig=Cg0ArKJSzNmW3TaDCBIgEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4DF84B8D85DABFACA4FC5FC18E4293A3
Requests: 9 HTTP requests in this frame

Frame: http://j.microad.net/js/compass.js
Frame ID: A959057AFAC1E48AD63B99CF34FB4382
Requests: 3 HTTP requests in this frame

Frame: https://cache.send.microad.jp/js/cookie_loader.html
Frame ID: 8E7393564CE17FD2068B412B02FC71F2
Requests: 1 HTTP requests in this frame

Frame: https://cache.send.microad.jp/js/cookie_loader.html
Frame ID: 5306689372739F13718790055752D77A
Requests: 1 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/adstir.js
Frame ID: 2003464053217737CB93B8702D74F427
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac
Frame ID: 036F2417F888981ADAE557A890618326
Requests: 12 HTTP requests in this frame

Frame: http://j.microad.net/js/compass.js
Frame ID: 89D256F2C68DB586DB0B831069B6EC43
Requests: 3 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/load_adstir_optout.html?url=http://mix.pendrawing.work/
Frame ID: 686DBC33193F4FC475BFF39FC3796C33
Requests: 1 HTTP requests in this frame

Frame: https://cache.send.microad.jp/js/cookie_loader.html
Frame ID: 2FC16FC6493DB49486BC4EC26CB9C628
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHTPcQebTE0q5wunXIooAxkNIY9ldC5wLepnUt61eVH7CvWgjg3QJ_m-azDK9KzGPPvxxkK5hXo6K7Vu_2tkYEHlpzZ0WnYsgTXtoqYIsG1kNwyyPxHp__ZEskPXbgRtkY4okCAti5d-lNlUvf8fXDnGW2wtbU_sXYnwB-1hBr9-G-_JZIQTtU4JSoApX-cOZfZ_hHAStRTA5YZ2g4e1j3kx7unxEVgxE_IAms0BMXvaycF0HqelFLUn4sSvW5EMdSo3i66fYoFs6dnNaBGPJtSUPjP9q-Hn7S1UsCP5PZqo-80hKieGlY&sai=AMfl-YSNXSIIAbsdGgd7Y2aZfV2_j3ir9x24lbDkKxPyF3qbvmQgHPNjO2cf4SFQFuxbJl2Y7r7zZ0joftuY-vwQ63PSwdiIu44oexCZ9rbzCloRSSkG5n-GOKHwMcD8tyx7&sig=Cg0ArKJSzKkqlzdzM2EFEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 72DFA1D2277CD4685557A73D319489B3
Requests: 9 HTTP requests in this frame

Frame: https://cache.send.microad.jp/js/cookie_loader.html
Frame ID: C7D5E7664237EF7B3149589A6213A37D
Requests: 1 HTTP requests in this frame

Frame: http://wtag.estlier.net/tagapi1.0/13420/61/2/
Frame ID: B0696846A78D9C86A49DDA01A9F1838E
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstd8mG8YPEUCRhCfUwhGJKw5NaiCv7jbEkiNyJKwMXkiKW2uqJQbjMH2umcrmzX4QuQaMzNTiIPYyjFFlDlI6RId_KT_a9LWILUrGBhi393OVh3sqHHEWaTRtxCJ0rUpUBlSJuaHgj3ogWharruqX4y2OCbcpUxtsL3wUOHj0U8EpWQq8dZ0Ie6-pviYwxxzhDfYQBDboA4-G8aO2wHviCtmlKp6ibepY7J6S-yiVPAObMszEfyrXPm1wrlz0nXIOpkKg86PIFHSLbcKImD9fFeGEiWf2Ja-HIOIhMH7V3QwwiWkBFF6i9F&sai=AMfl-YQak1K9ykoSnY6hhAlcYRp7gaaTHlmDcpg9VcBhr3Ti26OrNuBntFS_IqMfwQWm6pGst82H859I2sg-yvUO6oap4foK8u1OarghhlcJEqZfemOxSkDib6VbrRFu3r0s&sig=Cg0ArKJSzF7aWPnlDpwFEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 030C9317BA05194603A65C0838B13326
Requests: 11 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/adstir.js
Frame ID: EFB1A08E09D251372DAB371FFB84A360
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac
Frame ID: E6B12D116BD64631B89768A6715DAD2B
Requests: 4 HTTP requests in this frame

Frame: http://wtag.estlier.net/tagapi1.0/13419/3a/2/
Frame ID: 6CD04C0288036AEE13F302965079C54C
Requests: 7 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/load_adstir_optout.html?url=http://mix.pendrawing.work/
Frame ID: 223052668D2148595540581D28999937
Requests: 1 HTTP requests in this frame

Frame: https://cache.send.microad.jp/js/cookie_loader.html
Frame ID: D8FFAC24C046ECEC853223A69A62CC71
Requests: 1 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/adstir.js
Frame ID: 35547E4879CFE82725B054B2163D75E8
Requests: 2 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/load_adstir_optout.html?url=http://mix.pendrawing.work/
Frame ID: 37EFD64A087C54DBA2782C40B218147A
Requests: 1 HTTP requests in this frame

Frame: http://j.microad.net/js/compass.js
Frame ID: BB01AAC7A8FB42426E7408B640B762E1
Requests: 4 HTTP requests in this frame

Frame: https://cache.send.microad.jp/js/cookie_loader.html
Frame ID: 78E6A75B3EA57CDD053236468C53623C
Requests: 1 HTTP requests in this frame

Frame: http://j.microad.net/js/compass.js
Frame ID: 68B1587D4C7EDE9E0F0B22EED6F5BB4B
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuILl8FJGXqkKzRDLsVJQs7D7aLdAgeWUNR5WJnrr6OOE-crxUJM28um-HgZeHSuM9HagYMwfqDatUyHKqj7y9lUzgHOes1J7dhcNiusJlZrh59__8XEFNtmxDwCGXw34gB1vMSqjX8p8pEtXGbp4VYXy1BUIoE0GpnzlG5Dj0g7xPL34ycExVFxV_uMMwAwPi3zE3jHEOI7dKxGFTzQAiUKhRxrvnChZHGPCrFuPELQMas5gnPQDeqY_2p6JYcAEAaZ7yiRPh8Fgv77Mzs0pWcPvK7vraZkqMIE13M2exxsduNJMFkkCZv&sai=AMfl-YTcNtbt91gkSM3UnDr_Uux5XdcJTHOCXrZcRwwkjXKQFN9i1zfNbRwsMdJLIeMJtgO0P0HdwLlJ-vbNWkWtJhl7CDbX0LUmqBsKzgdgVm-k5DmUI8uT_VQVPMWQTz0&sig=Cg0ArKJSzOq50KJlSvuGEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 42205F288438B1FF6085DEB2F277A9B9
Requests: 8 HTTP requests in this frame

Frame: http://wtag.estlier.net/tagapi1.0/13414/34/2/
Frame ID: AA145E23D327ABA849DB41419C7BFA4C
Requests: 6 HTTP requests in this frame

Frame: https://cache.send.microad.jp/js/cookie_loader.html
Frame ID: EA9B0B30282612E82BB199BC05099CE0
Requests: 1 HTTP requests in this frame

Frame: https://cache.send.microad.jp/js/cookie_loader.html
Frame ID: DD0555822D8D920E387BE46D0DB0BF5F
Requests: 1 HTTP requests in this frame

Frame: http://j.microad.net/js/compass.js
Frame ID: 6FCA2362BFBCBA8A8F067A32C9FCFFB4
Requests: 3 HTTP requests in this frame

Frame: https://cache.send.microad.jp/js/cookie_loader.html
Frame ID: 0057E4121B91CC289BE3A91E22B185F4
Requests: 1 HTTP requests in this frame

Frame: http://wtag.estlier.net/tagapi1.0/13418/21/2/
Frame ID: 2867880D3F5113C16D28459B5DF6C348
Requests: 6 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/adstir.js
Frame ID: 7102751C64C44121CDC5004A0E6F9ABF
Requests: 2 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/load_adstir_optout.html?url=http://mix.pendrawing.work/
Frame ID: 934C8B45C4707DAE4368286CC21A3B76
Requests: 1 HTTP requests in this frame

Frame: http://j.microad.net/js/compass.js
Frame ID: 21D03068A04602CAC9E2AA489B9D7B9D
Requests: 3 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/adstir.js
Frame ID: 8D5A35B10F1AAEEA97694C543E4C8BE7
Requests: 2 HTTP requests in this frame

Frame: http://wtag.estlier.net/tagapi1.0/13421/22/2/
Frame ID: 0A09B9CF40E9BE89A0E52FA9E09D42A1
Requests: 6 HTTP requests in this frame

Frame: https://cache.send.microad.jp/js/cookie_loader.html
Frame ID: B6A9EB1AF9C6065B12D95801B765A49F
Requests: 1 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/load_adstir_optout.html?url=http://mix.pendrawing.work/
Frame ID: BE9F727E864B2254DEDA9D8C62D87CAE
Requests: 1 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/adstir.js
Frame ID: A68E47C0C75857C8388E239B9AD5AA80
Requests: 2 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/load_adstir_optout.html?url=http://mix.pendrawing.work/
Frame ID: E7E529BBD8F9ADE3347FA97116A5AB2E
Requests: 1 HTTP requests in this frame

Frame: http://j.microad.net/js/compass.js
Frame ID: 3A7F4133C54C55756CE27CEA3210BDAA
Requests: 4 HTTP requests in this frame

Frame: https://cache.send.microad.jp/js/cookie_loader.html
Frame ID: F5D76AF2641B10C341A9A284BAF0E3FB
Requests: 1 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/adstir.js
Frame ID: C236A8655DDF5AE833BB4D1CCBB2A43A
Requests: 2 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/load_adstir_optout.html?url=http://mix.pendrawing.work/
Frame ID: 41E53B04C3EBFE30FBB05FFE87CCDE99
Requests: 1 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/adstir.js
Frame ID: 7A16AD9162DCF34E8A441AF615DE9D15
Requests: 2 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/load_adstir_optout.html?url=http://mix.pendrawing.work/
Frame ID: C844FBF8643C93046FDEA1482962CA1B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ひらめきとアンケート

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

295
Requests

62 %
HTTPS

14 %
IPv6

43
Domains

69
Subdomains

48
IPs

9
Countries

1682 kB
Transfer

4825 kB
Size

88
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://aid.send.microad.jp/asr?v=1&code=LkV6T8kjJNI&format=pixel HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8837&uid=5Nq3nZ0OK5GR0w5Xfl6dylBv94dV6zZkEL8zUnrACxlOrkTH6TY4AA HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8837&uid=5Nq3nZ0OK5GR0w5Xfl6dylBv94dV6zZkEL8zUnrACxlOrkTH6TY4AA&__user_check__=1&sync_id=2401a45e-d875-11ec-a1dd-12a3d7700507

Request Chain 66

https://aid.send.microad.jp/asr?v=1&code=XtrNLKLWme8&format=pixel HTTP 302
https://bigmining.com/pixel/microad2big.png?id=1_QWUOwaRK8kK3C7ga3ur6_NW08UTVWYioS5boaPEKghQsNkBUAQBw

Request Chain 67

https://aid.send.microad.jp/asr?v=1&code=wjYYWZkhlE4&format=pixel HTTP 302
https://cs.adingo.jp/sync/?from=universe&id=G-hSg49WN7Y1m8vjHEseIiLGwDSYdBQl3G8zNV-HRUDa3Ubv7SI_Kw

Request Chain 71

https://aid.send.microad.jp/asr?v=1&code=XtrNLKLWme8&format=pixel HTTP 302
https://bigmining.com/pixel/microad2big.png?id=1_QWUOwaRK8kK3C7ga3ur6_NW08UTVWYioS5boaPEKghQsNkBUAQBw

Request Chain 79

https://bid.socdm.com/rtb/sync?proto=adingo&sspid=adingo&tp=http%3A%2F%2Fmix.pendrawing.work%2F&pp=http%3A%2F%2Fmix.pendrawing.work%2F&t=.gif HTTP 302
https://cs.adingo.jp/sync/?from=scaleout&id=YofvaMCo8HgAAIrIBrgAAAAA

Request Chain 80

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=fluct HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=fluct&uid-set=1 HTTP 302
https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dfluct%26uid%2Dset%3D1%26auid%3D HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=fluct&uid-set=1&auid=3c469ce8-2d7c-46f0-93f0-e49cb8a82055 HTTP 302
https://cs.adingo.jp/sync/?from=fbit&id=o7GE-9sHqo9-Q

Request Chain 81

https://bypass.ad-stir.com/push_sync?xid=fluct HTTP 302
https://cs.adingo.jp/sync/?from=bypass&id=1c685b34-b560-4c11-876c-31af5887586c

Request Chain 82

https://x.bidswitch.net/sync?ssp=fluct HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=fluct HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=

Request Chain 83

https://api.primecaster.net/adlogue/api/sync/fluct HTTP 302
https://api.primecaster.net/adlogue/api/sync/fluct?uid-set=1 HTTP 302
https://cs.adingo.jp/sync/?from=pricas&id=4RYytIrN7N

Request Chain 84

https://cr-p20.ladsp.com/cookiesender/20 HTTP 302
https://cr-p20.ladsp.com/cookiesender/20?cr=true HTTP 302
https://cs.adingo.jp/sync/?from=logicad&id=AYXbr6nlWFpKks8ADsLzWLkgms8AAAGA4v8yDw

Request Chain 85

https://cs.adingo.jp/adx/go/?nid=fluct_eb HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_hm=bd2e0bf6b71542fb614b58113e81df78

Request Chain 86

https://match.adsrvr.org/track/cmf/generic?ttd_pid=dj0pjjk&ttd_tpi=1 HTTP 302
https://cs.adingo.jp/sync/?from=tdid&id=5c33c685-8d9b-4a16-9aef-4f3066e3a88d&ttl=1655667816

Request Chain 87

https://cs.adingo.jp/popin/?id=bd2e0bf6b71542fb614b58113e81df78 HTTP 302
https://discoveryplus.popin.cc/popin_discovery/cs?pid=fluct&puid=bd2e0bf6b71542fb614b58113e81df78

Request Chain 96

https://cr-p10.ladsp.jp/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://cr-pall.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://cr-pall.ladsp.com/cookiesender/10?cr=true&https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AYXbr6nlWFpKks8ADsLzWLkgms8AAAGA4v8x8A

Request Chain 97

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b8006287-ef69-4400-9381-a9cfbd985022&gdpr=0&gdpr_consent=

Request Chain 99

https://ds.uncn.jp/pm/0/sync HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_3418df40-eea4-46d3-85be-2b69733ba06d

Request Chain 101

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dpubmatic%26rd%3Dhttps%253A%2F%2Fsimage2%2Epubmatic%2Ecom%2FAdServer%2FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%2526piggybackCookie%253D%26auid%3D HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&auid=3c469ce8-2d7c-46f0-93f0-e49cb8a82055 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=2w3u91dYnty

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TOf36BOJRtysbio6LOI51A%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 104

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 105

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4&gdpr=0&gdpr_consent=&ct=y

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIQJAggRGL86PCJ2JkMIcRE&google_cver=1

Request Chain 108

https://tg.socdm.com/rtb/sync?proto=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=YofvaMCo8HgAAIrIBrgAAAAA

Request Chain 109

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5c33c685-8d9b-4a16-9aef-4f3066e3a88d

Request Chain 110

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=6&t=pixel&ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=433&user_id=eia8lnae3wvu&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4c57029c-9957-4ff1-83f1-f0ff17b38e45&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 112

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bLR4EetE2uV1fmEzgnORQsBPnEmeP48-~A&gdpr=0&gdpr_consent=

Request Chain 113

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=316937144418363931

Request Chain 114

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3834589878498567173&gdpr=0&gdpr_consent=

Request Chain 126

https://aid.send.microad.jp/asr?v=1&code=Utqpjbqy87I&format=pixel HTTP 302
https://tg.socdm.com/aux/idsync?proto=universe&ssp_uid=LhW9tI7WjZsNGTH6lzAwgAFsfZZle53IHTvSpG0fTzqkXmY-47yjiw

Request Chain 133

https://x.bidswitch.net/sync?ssp=fluct HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=

Request Chain 144

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=microad&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac

Request Chain 146

https://aid.send.microad.jp/asr?v=1&code=jG40gaTLVE0&format=pixel HTTP 302
https://hbx.media.net/cksync.php?cs=3&type=mic&ovsid=zYyeXTIU9f6t23lepCbHbuudXj1Vs0RWxnfjShIoViFbu_dFsT-HEA

Request Chain 148

https://x.bidswitch.net/sync?ssp=fluct HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=

Request Chain 167

https://aid.send.microad.jp/asr?v=1&code=XtrNLKLWme8&format=pixel HTTP 302
https://bigmining.com/pixel/microad2big.png?id=1_QWUOwaRK8kK3C7ga3ur6_NW08UTVWYioS5boaPEKghQsNkBUAQBw

Request Chain 169

http://aid.send.microad.jp/g/pc/asr HTTP 307
https://aid.send.microad.jp/g/pc/asr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=MiAd&google_hm=2eN4N25cYUtrSkymtJK8pw==

Request Chain 175

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=microad&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac

Request Chain 195

https://sync.fout.jp/sync?xid=fluct HTTP 302
https://cs.adingo.jp/sync/?from=fout&id=yCiSxAyyvKo8cGRv0Xb_7VRwjhU

Request Chain 196

https://x.bidswitch.net/sync?ssp=fluct HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=

Request Chain 202

https://sync.fout.jp/sync?xid=fluct HTTP 302
https://cs.adingo.jp/sync/?from=fout&id=yCiSxAyyvKo8cGRv0Xb_7VRwjhU

Request Chain 203

https://x.bidswitch.net/sync?ssp=fluct HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=

Request Chain 207

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=microad&khaos=L3EUNS5Q-1B-65CN HTTP 302
https://s-cs.send.microad.jp/hs?k=magnite_1&id=L3EUNS5Q-1B-65CN

Request Chain 222

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5c33c685-8d9b-4a16-9aef-4f3066e3a88d&gdpr=0&gdpr_consent=&expires=30

Request Chain 223

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bgfrsBZxTeiJ_CQUK2mXkg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bgfrsBZxTeiJ_CQUK2mXkg

Request Chain 224

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNFVU5TNVEtMUItNjVDTg==

Request Chain 226

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDR22Umegx1VWilP9n5e8UU&google_cver=1

Request Chain 227

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3EUNS5Q-1B-65CN&sigv=1&esig=2~748f636855e80e460a95ae23ad18d507acbddc44

Request Chain 228

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/pMugOOuv4l6cDaCneLWLXsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7249350093604489629

Request Chain 229

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t

Request Chain 230

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=microad&khaos=L3EUNS8P-18-8P1Q HTTP 302
https://s-cs.send.microad.jp/hs?k=magnite_1&id=L3EUNS8P-18-8P1Q

Request Chain 231

https://x.bidswitch.net/sync?ssp=fluct HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=

Request Chain 240

https://aid.send.microad.jp/asr?v=1&code=1lEd6kdM8PY&format=pixel HTTP 302
https://pixel.advertising.com/ups/58376/sync?uid=Onb6ZXNFJyKZ6reaYHTAbB5iPDLncHloDC3ImDoCCV4AnC03tMjjBw&_origin=1&gdpr=0&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/58376/sync?uid=Onb6ZXNFJyKZ6reaYHTAbB5iPDLncHloDC3ImDoCCV4AnC03tMjjBw&_origin=1&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58376/sync?uid=Onb6ZXNFJyKZ6reaYHTAbB5iPDLncHloDC3ImDoCCV4AnC03tMjjBw&_origin=1&gdpr=0&gdpr_consent=&apid=UP24d848f1-d875-11ec-970b-0a3913709c99

Request Chain 241

https://dis.criteo.com/dis/usersync.aspx?r=14&p=199&cp=microad.openrtb&cu=1&url=https%3A%2F%2Fs-cs.send.microad.jp%2Fhs%3Fk%3Dcriteo_hs%26id%3D%40%40CRITEO_USERID%40%40%0D%0A HTTP 302
https://s-cs.send.microad.jp/hs?k=criteo_hs&id=8a2a9094-442b-4e9e-9c00-e7fafa1fa308

Request Chain 246

https://ds.uncn.jp/compass/0/sync_push HTTP 302
https://s-cs.send.microad.jp/hs?k=unicorn_1&id=v_3418df40-eea4-46d3-85be-2b69733ba06d

Request Chain 250

https://x.bidswitch.net/sync?ssp=fluct HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=

Request Chain 255

http://aid.send.microad.jp/g/pc/asr HTTP 307
https://aid.send.microad.jp/g/pc/asr

Request Chain 269

https://x.bidswitch.net/sync?ssp=fluct HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=

295 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
mix.pendrawing.work/ 4 KB
2 KB 38ms
19ms Document
text/html 153.120.99.232
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 153.120.99.232 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 3b3cb31cf5bc15449c9ec85ceae9935a58ce84bd187a9597ad7cbb75c23ba704

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 20 May 2022 19:43:34 GMT
Last-Modified: Wed, 21 Nov 2018 01:18:53 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK reset.css
mix.pendrawing.work/library/common2/css/ 2 KB
1 KB 18ms
18ms Stylesheet
text/css 153.120.99.232
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://mix.pendrawing.work/library/common2/css/reset.css
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 153.120.99.232 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 695919a63165ef92b07233246eb53434087dfe83c86a6e84627ee86a15689fc5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Nov 2018 01:18:53 GMT
Server: nginx
ETag: W/"5bf4b27d-72a"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK style.css
mix.pendrawing.work/library/common2/css/ 19 KB
6 KB 37ms
19ms Stylesheet
text/css 153.120.99.232
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://mix.pendrawing.work/library/common2/css/style.css
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 153.120.99.232 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 3895a88a95b48e50141c8863c7f86a0cff82640b7b1614a4108f135daa2b8482

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Nov 2018 01:18:53 GMT
Server: nginx
ETag: W/"5bf4b27d-4d1f"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery-3.2.0.min.js Show response
code.jquery.com/ 85 KB
30 KB 221ms
109ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-3.2.0.min.js
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Aug 2021 17:47:53 GMT
Server: nginx
ETag: W/"611feac9-15244"
Vary: Accept-Encoding
X-HW: 1653075815.dop206.sj3.t,1653075815.cds104.sj3.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30102

GET
H/1.1 200
OK common.js Show response
mix.pendrawing.work/library/common2/js/ 468 B
612 B 35ms
18ms Script
application/javascript 153.120.99.232
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://mix.pendrawing.work/library/common2/js/common.js
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 153.120.99.232 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: d793137f72c57a1432b09407e88a242b6571cb1b5e29690966d184b890ac17c0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Nov 2018 01:18:54 GMT
Server: nginx
ETag: W/"5bf4b27e-1d4"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK logo.png
mix.pendrawing.work/library/common2/image/9999/ 29 KB
30 KB 20ms
19ms Image
image/png 153.120.99.232
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mix.pendrawing.work/library/common2/image/9999/logo.png
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 153.120.99.232 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 0b30019c663068e6845f057b55eeecd1d2c697017b2fa8b5a6b93cb170f4a690

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Nov 2018 01:18:55 GMT
Server: nginx
ETag: W/"5bf4b27f-7570"
Vary: Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK rule.png
mix.pendrawing.work/library/common2/image/9999/ 53 KB
53 KB 21ms
20ms Image
image/png 153.120.99.232
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mix.pendrawing.work/library/common2/image/9999/rule.png
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 153.120.99.232 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 47342c25d46323a0f13f52332c19d17dda38a011a3b0a05d4bc6c0b8b9da56a5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Nov 2018 01:18:55 GMT
Server: nginx
ETag: W/"5bf4b27f-d2b7"
Vary: Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13420/61/0/ 766 B
887 B 27ms
9ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13420/61/0/
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: 20bab72b343061f05a69bac03da39a8dfe73c31c56a98f086e8e4d8244dd2cee

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:35 GMT
Content-Encoding: gzip
Server: nginx
Age: 256
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv02-osk01-jp (ApacheTrafficServer-second [uScHs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScHs f p eN:t cCHp s ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 406

GET
H/1.1 200
OK btn_next.png
mix.pendrawing.work/library/common2/image/9999/ 40 KB
41 KB 20ms
19ms Image
image/png 153.120.99.232
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mix.pendrawing.work/library/common2/image/9999/btn_next.png
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 153.120.99.232 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 552ee7405389d52857edc1aed6d812aacb5af7e66ef18993e963e4c02ee6ed9d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Nov 2018 01:18:54 GMT
Server: nginx
ETag: W/"5bf4b27e-a165"
Vary: Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13415/b3/0/ 769 B
881 B 10ms
9ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13415/b3/0/
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: bf2c1fe66bac94f021438d050e6953fc3e2ecf17769c629378343ccbbb928869

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:35 GMT
Content-Encoding: gzip
Server: nginx
Age: 237
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv11-osk01-jp (ApacheTrafficServer-second [uScHs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScHs f p eN:t cCHp s ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 400

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13416/6c/0/ 769 B
881 B 9ms
9ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13416/6c/0/
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: b698bcaa1028cb79019d39cc5f602fc06273dd2fe09bef2b0c30a158b1fe368f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:35 GMT
Content-Encoding: gzip
Server: nginx
Age: 256
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv01-osk01-jp (ApacheTrafficServer-second [uScHs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScHs f p eN:t cCHp s ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 400

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13413/f0/0/ 753 B
878 B 10ms
10ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13413/f0/0/
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: 6f07d6260d39c7ae6cccc3a0a338ebc2f80879baebba409b9aaf84418a6426e3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:35 GMT
Content-Encoding: gzip
Server: nginx
Age: 256
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv12-osk01-jp (ApacheTrafficServer-second [uScHs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScSsSfUpSeN:t cCSpSs ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 397

GET
H/1.1 200
OK attend.png
mix.pendrawing.work/library/common2/image/9999/ 1 KB
2 KB 19ms
18ms Image
image/png 153.120.99.232
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mix.pendrawing.work/library/common2/image/9999/attend.png
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 153.120.99.232 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: c3bab36ea303789930b21c562b4e41fa93e63189813d1e8b2e8f1281af45f579

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Nov 2018 01:18:54 GMT
Server: nginx
ETag: W/"5bf4b27e-57a"
Vary: Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13421/22/0/ 766 B
887 B 10ms
9ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13421/22/0/
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: f48f05edd87baa4c4c60e77afc800d9b8fe03f50c7eabab30766e979c9900bd6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:35 GMT
Content-Encoding: gzip
Server: nginx
Age: 256
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv05-osk01-jp (ApacheTrafficServer-second [uScRs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScSsSfUpSeN:t cCSpSs ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 406

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13414/34/0/ 753 B
878 B 10ms
10ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13414/34/0/
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: 44660955a93d08acd03010ade61cd4f5b1971bc2eea034b252074ac55d33e542

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:35 GMT
Content-Encoding: gzip
Server: nginx
Age: 256
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv01-osk01-jp (ApacheTrafficServer-second [uScHs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScHs f p eN:t cCHp s ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 397

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13417/ba/0/ 819 B
859 B 10ms
9ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13417/ba/0/
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: 2e8d297b39512ecc1b22d408ccf8d598fd17d949cbce54654dac395d015034ce

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:35 GMT
Content-Encoding: gzip
Server: nginx
Age: 256
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv09-osk01-jp (ApacheTrafficServer-second [uScRs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScSsSfUpSeN:t cCSpSs ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 378

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13418/21/0/ 769 B
881 B 10ms
9ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13418/21/0/
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: 4d6455d30d6a50db59df691a9d4f537b126f5488b5f9aea727fe584bcc4d71fb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:35 GMT
Content-Encoding: gzip
Server: nginx
Age: 256
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv16-osk01-jp (ApacheTrafficServer-second [uScSsSfUpSeN:t cCSp sS]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScHs f p eN:t cCHp s ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 400

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13419/3a/0/ 769 B
881 B 10ms
9ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13419/3a/0/
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: 84a0b566c30bbae1ab0a74abd082817fc38b3a4552e18e0009592868dca5089c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:35 GMT
Content-Encoding: gzip
Server: nginx
Age: 256
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv03-osk01-jp (ApacheTrafficServer-second [uScRs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScSsSfUpSeN:t cCSpSs ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 156ms
75ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: wtag.estlier.net
URL: http://wtag.estlier.net/tagapi1.0/13420/61/0/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

sffe /

Resource Hash

f5bf9d072bf7b06a3c97749fc66b1062367e57ca21b963242ed0d68ac3f542c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28438
x-xss-protection: 0
server: sffe
etag: "1221 / 22 of 1000 / last-modified: 1653044977"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 20 May 2022 19:43:35 GMT

GET
H/1.1 200
OK compass.js Show response
j.microad.net/js/ 109 KB
25 KB 13ms
3ms Script
application/javascript 104.71.157.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://j.microad.net/js/compass.js
Requested by: Host: wtag.estlier.net
URL: http://wtag.estlier.net/tagapi1.0/13417/ba/0/
Protocol: HTTP/1.1
Server: 104.71.157.62 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-71-157-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc39e377fbff0ed82d8889ef8174b724ae80eab5c738d59b3712b10a03c2e0b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 11:47:47 GMT
Server: Apache
ETag: "1b5aa-gzip"
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: public, max-age=539705
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 25317
Expires: Fri, 27 May 2022 01:38:40 GMT

GET
H/1.1 200
OK head_bg.jpg
mix.pendrawing.work/library/common2/image/9999/ 21 KB
21 KB 19ms
19ms Image
image/jpeg 153.120.99.232
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mix.pendrawing.work/library/common2/image/9999/head_bg.jpg
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/library/common2/css/style.css
Protocol: HTTP/1.1
Server: 153.120.99.232 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 041053bf14801c188b712d537f46f6a8e941d34e45d470f054502bd319db898b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/library/common2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Nov 2018 01:18:55 GMT
Server: nginx
ETag: W/"5bf4b27f-5282"
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK foot_bg.png
mix.pendrawing.work/library/common2/image/9999/ 74 KB
74 KB 19ms
19ms Image
image/png 153.120.99.232
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mix.pendrawing.work/library/common2/image/9999/foot_bg.png
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/library/common2/css/style.css
Protocol: HTTP/1.1
Server: 153.120.99.232 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 2156308e1b8b2bf5848d31bb935b167949dbe7af97c41ed5656860977b2db149

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/library/common2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Nov 2018 01:18:55 GMT
Server: nginx
ETag: W/"5bf4b27f-129ec"
Vary: Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK cookie_loader.html Show response
cache.send.microad.jp/js/ Frame B365 2 KB
2 KB 16ms
4ms Document
text/html 14.0.42.24
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microad.jp/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.42.24 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 1909
Content-Type: text/html
Date: Fri, 20 May 2022 19:43:35 GMT
ETag: "10cf9c751f3fdad8c8784c6bf8cee57a"
Last-Modified: Thu, 28 Oct 2021 12:57:38 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PSrbJP1tu67:9 (W), 1.1 PSrbdjTYO3fx116:6 (W)
X-Px: ht PSrbdjTYO3fx116HND
X-Ws-Request-Id: 6287ef67_PSrbdjTYO3hy174_25046-63211
x-amz-id-2: 39syy1FzfVdhuE5XIArdiN0q/0HrDX1FtRGqkU4DS66sTswd3J0MaFsDYYRGZimU/3/2pJaptoQ=
x-amz-request-id: PCSZ1R902WJT8HE5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7

GET
H/1.1 200
200 ad Show response
s-rtb.send.microad.jp/ 1 KB
2 KB 365ms
126ms Script
text/javascript 202.233.84.3
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microad.jp/ad?spot=e8a3311f778f0b6bf89a619e96ad1c74&cb=microadCompass.AdRequestor.callback&url=http%3A%2F%2Fmix.pendrawing.work%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=5a6e19f9faa5340180e2ff2da1

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.3 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

aa2a0f74b09e1faed0e0de17fca993ca637a7737914f2ebe92ae726c502b05a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1403
X-XSS-Protection: 1; mode=block

GET
H2 200 sync Show response
gum.criteo.com/ Frame B365 45 B
369 B 11ms
3ms Script
text/javascript 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=46&r=2&j=handleData

Requested by

Host: cache.send.microad.jp
URL: https://cache.send.microad.jp/js/cookie_loader.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

f82eeb7d741fcdd22be2f05939c7196ba620b539243541c6a56ab6cd62462613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cache.send.microad.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:35 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1090
strict-transport-security: max-age=31536000; preload;
content-length: 161
expires: 60

GET
H2 200 pubads_impl_2022051701.js Show response
securepubads.g.doubleclick.net/gpt/ 366 KB
124 KB 3ms
2ms Script
text/javascript 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

sffe /

Resource Hash

3bd4eb2ece0fe98f279a14bb2b61ecbbcd501a598b50f1f8b211f76ecd420996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127273
x-xss-protection: 0
last-modified: Tue, 17 May 2022 08:34:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 20 May 2023 07:50:30 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 77 B
100 B 81ms
42ms XHR
application/json 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mix.pendrawing.work

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

59219f44e2e1706a46b43b6f9406b18b49c8608be327d01778620203c586854a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 19:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75
x-xss-protection: 0
expires: Fri, 20 May 2022 19:43:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 122ms
40ms Script
application/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=mix.pendrawing.work

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 19:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 152ms
41ms Script
application/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mix.pendrawing.work

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 19:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
9 KB 811ms
811ms XHR
text/plain 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2650085643013718&correlator=2426863198908624&eid=31067610&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=9116787%3A22477199244%2C1355773&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60%7C728x90&ifi=1&adks=2410334956&sfv=1-0-38&ecs=20220520&fsapi=false&sc=0&cookie_enabled=1&abxe=1&dt=1653075816026&lmt=1542763133&dlt=1653075815339&idt=618&biw=1600&bih=1200&adxs=436&adys=692&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fmix.pendrawing.work%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x60&fws=0&ohw=0&ga_vid=505582447.1653075816&ga_sid=1653075816&ga_hid=214191309&ga_fc=false&btvi=0&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

7f16caa3fe51afab00322e65195792d454d3ee3283747f2cc4061a50d5f03949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8905
x-xss-protection: 0
google-lineitem-id: 5714033898
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138352711399
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://mix.pendrawing.work
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 272ms
271ms XHR
text/plain 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2650085643013718&correlator=2426863198908624&eid=31067610&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=9116787%3A22477199244%2C1355768&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C300x250&ifi=2&adks=3496579917&sfv=1-0-38&ecs=20220520&fsapi=false&sc=0&cookie_enabled=1&abxe=1&dt=1653075816032&lmt=1542763133&dlt=1653075815339&idt=618&biw=1600&bih=1200&adxs=490&adys=857&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fmix.pendrawing.work%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&fws=0&ohw=0&ga_vid=505582447.1653075816&ga_sid=1653075816&ga_hid=214191309&ga_fc=false&btvi=0&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

0b086d65e6f1d5424428e48228fd74ec244929488a87e7b1646c73c57ad7308e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8981
x-xss-protection: 0
google-lineitem-id: 5713905032
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138352439506
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://mix.pendrawing.work
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 493ms
493ms XHR
text/plain 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2650085643013718&correlator=2426863198908624&eid=31067610&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=9116787%3A22477199244%2C1355769&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C300x250&ifi=3&adks=1199409022&sfv=1-0-38&ecs=20220520&fsapi=false&sc=0&cookie_enabled=1&abxe=1&dt=1653075816033&lmt=1542763133&dlt=1653075815339&idt=618&biw=1600&bih=1200&adxs=810&adys=857&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fmix.pendrawing.work%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&fws=0&ohw=0&ga_vid=505582447.1653075816&ga_sid=1653075816&ga_hid=214191309&ga_fc=false&btvi=0&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

feedf912c78909d93d37627ad74441bbe5f87c354e31b595523c2b0bb434685a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8959
x-xss-protection: 0
google-lineitem-id: 5713910087
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138352440817
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://mix.pendrawing.work
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 644ms
643ms XHR
text/plain 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2650085643013718&correlator=2426863198908624&eid=31067610&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=9116787%3A22477199244%2C1355766&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ifi=4&adks=3541159802&sfv=1-0-38&ecs=20220520&fsapi=false&sc=0&cookie_enabled=1&abxe=1&dt=1653075816035&lmt=1542763133&dlt=1653075815339&idt=618&biw=1600&bih=1200&adxs=566&adys=1112&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fmix.pendrawing.work%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=468x60&msz=468x60&fws=0&ohw=0&ga_vid=505582447.1653075816&ga_sid=1653075816&ga_hid=214191309&ga_fc=false&btvi=0&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

3b8619b62c3655d956641cbeaae480ca70ed8c947821fab3f21746ed4eedfe3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9284
x-xss-protection: 0
google-lineitem-id: 5712106551
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138352438054
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://mix.pendrawing.work
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 1562ms
1561ms XHR
text/plain 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2650085643013718&correlator=2426863198908624&eid=31067610&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=9116787%3A22477199244%2C1355774&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60%7C728x90&ifi=5&adks=1775335028&sfv=1-0-38&ecs=20220520&fsapi=false&sc=0&cookie_enabled=1&abxe=1&dt=1653075816037&lmt=1542763133&dlt=1653075815339&idt=618&biw=1600&bih=1200&adxs=416&adys=1478&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fmix.pendrawing.work%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x60&fws=0&ohw=0&ga_vid=505582447.1653075816&ga_sid=1653075816&ga_hid=214191309&ga_fc=false&btvi=1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

ce929277cc781d152acdc7b2ac0be8afa45cb6a227e2a6b369cf910650b8d405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
google-lineitem-id: 5715184303
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138352711831
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://mix.pendrawing.work
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 1193ms
1192ms XHR
text/plain 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2650085643013718&correlator=2426863198908624&eid=31067610&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=9116787%3A22477199244%2C1355767&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ifi=6&adks=3045664903&sfv=1-0-38&ecs=20220520&fsapi=false&sc=0&cookie_enabled=1&abxe=1&dt=1653075816038&lmt=1542763133&dlt=1653075815339&idt=618&biw=1600&bih=1200&adxs=546&adys=1573&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fmix.pendrawing.work%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=468x60&msz=468x60&fws=0&ohw=0&ga_vid=505582447.1653075816&ga_sid=1653075816&ga_hid=214191309&ga_fc=false&btvi=2&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

3ea41b841eeb7150c95623bda77d75181d17f5c673e4240067ffabedf9678b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
google-lineitem-id: 5713902842
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138352424524
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://mix.pendrawing.work
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 1384ms
1383ms XHR
text/plain 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2650085643013718&correlator=2426863198908624&eid=31067610&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=9116787%3A22477199244%2C1355771&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C300x250&ifi=7&adks=3253911751&sfv=1-0-38&ecs=20220520&fsapi=false&sc=0&cookie_enabled=1&abxe=1&dt=1653075816040&lmt=1542763133&dlt=1653075815339&idt=618&biw=1600&bih=1200&adxs=790&adys=1638&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fmix.pendrawing.work%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&fws=0&ohw=0&ga_vid=505582447.1653075816&ga_sid=1653075816&ga_hid=214191309&ga_fc=false&btvi=3&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

46fcdd810f405b3fdcba6dcc947de0d88acea89412c8aa4ec1bc1a3ce19c7cb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9328
x-xss-protection: 0
google-lineitem-id: 5713911833
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138352441186
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://mix.pendrawing.work
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 1011ms
1011ms XHR
text/plain 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2650085643013718&correlator=2426863198908624&eid=31067610&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=9116787%3A22477199244%2C1355772&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250&ifi=8&adks=3645974286&sfv=1-0-38&ecs=20220520&fsapi=false&sc=0&cookie_enabled=1&abxe=1&dt=1653075816042&lmt=1542763133&dlt=1653075815339&idt=618&biw=1600&bih=1200&adxs=630&adys=1893&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fmix.pendrawing.work%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&fws=0&ohw=0&ga_vid=505582447.1653075816&ga_sid=1653075816&ga_hid=214191309&ga_fc=false&btvi=4&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

fe8657e3194b70101aa7becfdc36e9161a907a58ac13716a75090c746000cc05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8958
x-xss-protection: 0
google-lineitem-id: 5713315339
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138352432825
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://mix.pendrawing.work
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f7bbcc7f11035f8e667ee7fc840ea556.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D883 6 KB
4 KB 124ms
38ms Document
text/html 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f7bbcc7f11035f8e667ee7fc840ea556.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 19:43:36 GMT
expires: Sat, 20 May 2023 19:43:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13417/ba/2/ Frame A6B2 388 B
729 B 9ms
9ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13417/ba/2/
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: 574f6dd6662043cb8cb856d2ac83540cf7afbdbcd0fabcb484d757e6e1ce82b3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
Content-Encoding: gzip
Server: nginx
Age: 252
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv05-osk01-jp (ApacheTrafficServer-second [uScRs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScSsSfUpSeN:t cCSpSs ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 248

GET
H/1.1 200
200 ic
ssp.send.microad.jp/ 43 B
500 B 466ms
115ms Image
image/gif 202.233.84.16
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microad.jp/ic?ep=5YofvaAxHT4CNeoBs9xMJhZpLKOJ71Zl5TZdf1euZSrAa80FXG5AddCUDqEmpQ8Or68BclSsBtGQu8y0yKQz_H_kXk_q7nluXSTWAUxqULGIsBPx7mzeHm92UWJZ6D7ZoGpUdVR0-_VWuTJOj655fnUk8sH8rqSxsLAz8Q590opr1AhYOUpF8qVUedeA
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.16 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: image/gif
Content-Length: 57

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://aid.send.microad.jp/asr?v=1&code=LkV6T8kjJNI&format=pixel
https://sync.search.spotxchange.com/partner?adv_id=8837&uid=5Nq3nZ0OK5GR0w5Xfl6dylBv94dV6zZkEL8zUnrACxlOrkTH6TY4AA
https://sync.search.spotxchange.com/partner?adv_id=8837&uid=5Nq3nZ0OK5GR0w5Xfl6dylBv94dV6zZkEL8zUnrACxlOrkTH6TY4AA&__user_check__=1&sync_id=2401a45e-d875-11ec-a1dd-12a3d7700507

43 B
547 B

70ms
70ms

Image
image/gif

103.71.26.126
SPOTX-AS-AP SpotX...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=8837&uid=5Nq3nZ0OK5GR0w5Xfl6dylBv94dV6zZkEL8zUnrACxlOrkTH6TY4AA&__user_check__=1&sync_id=2401a45e-d875-11ec-a1dd-12a3d7700507
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 103.71.26.126 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 1
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 20 May 2022 19:43:36 GMT
Server: nginx
Location: /partner?adv_id=8837&uid=5Nq3nZ0OK5GR0w5Xfl6dylBv94dV6zZkEL8zUnrACxlOrkTH6TY4AA&__user_check__=1&sync_id=2401a45e-d875-11ec-a1dd-12a3d7700507
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 52
Connection: keep-alive
Content-Length: 0

GET
H2 200 f.js Show response
cdn-fluct.sh.adingo.jp/ Frame A6B2 3 KB
3 KB 49ms
37ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000104664
Requested by: Host: wtag.estlier.net
URL: http://wtag.estlier.net/tagapi1.0/13417/ba/2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:36 GMT
via: 1.1 google
last-modified: Mon, 12 Apr 2021 01:23:17 GMT
server: nginx
etag: "cf5ec206a0bc2705586f1c0fb0bd458b"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2747
expires: Fri, 20 May 2022 20:43:36 GMT

GET
H2 200 / Show response
sh.adingo.jp/ Frame A6B2 6 KB
3 KB 46ms
26ms Script
application/x-javascript 54.199.239.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/?G=1000104664&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=85435304483002&guid=ON

Requested by

Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000104664

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.199.239.233 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-199-239-233.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7bdd36ecd3c9ab8a6a09074adfd27cb4422f6f128b95009440b7e52a1cfdff44

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 19:43:36 GMT
server: nginx
vary: Accept-Encoding
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
content-type: application/x-javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A4BF 0
0 41ms
41ms Fetch
image/gif 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9Y9kym9LA3zwAHSmWBvKuVhri4W5Y3-flp5IWWLo-8iXudC6G2v9thPDdtVmNaqPzyTR2Z-_WuRDqQUKfNACQaJY69O76bXDNUYCC2O9pn2TTqSdRveN73-wgeZTHmu3alckrtd6fCZX_edLtO7docq_wHwfZtWhcD5bkzSnkvkKDqMaBvCoXMAmmxwtX8f2SaOg8DawjalCUzMkTn5i2wKnoxMb3B5I6kJsIDt_ZgwSQvln2zaWx3TNtaBGFjHbYK-OZjVgbkuTxV3Sw9dUwAC_PyN4oifQpkwHTimPjn4YuHuStMh-v&sai=AMfl-YQYzilJ7Egn8aFD2Xwk6k3rfzHBeFu51ODsuRnnwq7FLNeZBCPQFaALO3SCLst05AvmFCcp3cLGiTV3rRE5W87yYw_oDzt3wNeLw6EZTO6AXroJa-6YifaHgZQun1dO&sig=Cg0ArKJSzKms8yE9ftD4EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 19:43:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 20 May 2022 19:43:36 GMT

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13415/b3/20/ Frame A4BF 819 B
857 B 9ms
8ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13415/b3/20/
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: db93b2ba578c567e3795945d34ac943b2205075376cda840b003176f9ad4e8cc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
Content-Encoding: gzip
Server: nginx
Age: 89
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv02-osk01-jp (ApacheTrafficServer-second [uScSsSfUpSeN:t cCSp sS]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScHs f p eN:t cCHp s ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 377

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A4BF 135 KB
42 KB 144ms
63ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 May 2022 19:43:36 GMT

GET
H/1.1 200
OK compass.js Show response
j.microad.net/js/ Frame C379 109 KB
25 KB 3ms
3ms Script
application/javascript 104.71.157.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://j.microad.net/js/compass.js
Requested by: Host: sh.adingo.jp
URL: https://sh.adingo.jp/?G=1000104664&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=85435304483002&guid=ON
Protocol: HTTP/1.1
Server: 104.71.157.62 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-71-157-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc39e377fbff0ed82d8889ef8174b724ae80eab5c738d59b3712b10a03c2e0b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 11:47:47 GMT
Server: Apache
ETag: "1b5aa-gzip"
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: public, max-age=539704
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 25317
Expires: Fri, 27 May 2022 01:38:40 GMT

GET
H2 200 /
i.adingo.jp/ Frame A6B2 43 B
409 B 15ms
5ms Image
image/gif 54.92.2.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.adingo.jp/?p=l75olctLqjFgMpQdnqf6aYLDxzoHvIU59GUrsuc-IpaMvdOWKdWv3TpyN1wCHma64iUCqLby0ccJ6Zv9yiuQrRUSZQZKFXFGdAYEUwR-m1FjrDqDsqgoIHSbqWX2CsUjbpihVfUSH9h9LfJkap9vRhDn5T0wGDq5Jt7vZdQ0hyoyHCF4tUJRLsRh8kpmwPXZNo7-JqkQg5k65LNz9xF7FGsIclWJc2ObXoiGsGzH9oPWzootwAAQzFOGnw79XO1vgmJnHDizPc25DWrkQsRrPQNrhby6ovCxeZywATb_egHMxq6_lfvJf-kXmdaQQikK7Yamd9WLZb798CUM7wMZyWbNrg..&v=0eQE7Vcgl6wFLYu0&k=3&R=
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.2.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-92-2-218.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:36 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK compass.js Show response
j.microad.net/js/ Frame A4BF 109 KB
25 KB 5ms
3ms Script
application/javascript 104.71.157.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://j.microad.net/js/compass.js
Requested by: Host: wtag.estlier.net
URL: http://wtag.estlier.net/tagapi1.0/13415/b3/20/
Protocol: HTTP/1.1
Server: 104.71.157.62 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-71-157-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc39e377fbff0ed82d8889ef8174b724ae80eab5c738d59b3712b10a03c2e0b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 11:47:47 GMT
Server: Apache
ETag: "1b5aa-gzip"
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: public, max-age=539704
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 25317
Expires: Fri, 27 May 2022 01:38:40 GMT

GET
H/1.1 200
OK cookie_loader.html Show response
cache.send.microad.jp/js/ Frame E371 2 KB
2 KB 4ms
4ms Document
text/html 14.0.42.24
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microad.jp/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.42.24 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 1909
Content-Type: text/html
Date: Fri, 20 May 2022 19:43:36 GMT
ETag: "10cf9c751f3fdad8c8784c6bf8cee57a"
Last-Modified: Thu, 28 Oct 2021 12:57:38 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PSrbJP1tu67:9 (W), 1.1 PSrbdjTYO3fx116:6 (W)
X-Px: ht PSrbdjTYO3fx116HND
X-Ws-Request-Id: 6287ef68_PSrbdjTYO3hy174_25046-63232
x-amz-id-2: 39syy1FzfVdhuE5XIArdiN0q/0HrDX1FtRGqkU4DS66sTswd3J0MaFsDYYRGZimU/3/2pJaptoQ=
x-amz-request-id: PCSZ1R902WJT8HE5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7

GET
H/1.1 200
200 ad Show response
s-rtb.send.microad.jp/ Frame C379 2 KB
2 KB 344ms
116ms Script
text/javascript 202.233.84.3
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microad.jp/ad?spot=13c6889cc2008edc9e30419bcb2e08a2&cb=microadCompass.AdRequestor.callback&url=http%3A%2F%2Fmix.pendrawing.work%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=9f40d3411106100180e2ff2fc2

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.3 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

e4a03c84266e33eb4bd36c94f93eb0154dc6db80a6b9346e56c901cb53e177f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1690
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cookie_loader.html Show response
cache.send.microad.jp/js/ Frame 6D71 2 KB
2 KB 4ms
4ms Document
text/html 14.0.42.24
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microad.jp/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.42.24 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 1909
Content-Type: text/html
Date: Fri, 20 May 2022 19:43:36 GMT
ETag: "10cf9c751f3fdad8c8784c6bf8cee57a"
Last-Modified: Thu, 28 Oct 2021 12:57:38 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PSrbJP1tu67:9 (W), 1.1 PSrbdjTYO3fx116:6 (W)
X-Px: ht PSrbdjTYO3fx116HND
X-Ws-Request-Id: 6287ef68_PSrbdjTYO3hy174_25046-63234
x-amz-id-2: 39syy1FzfVdhuE5XIArdiN0q/0HrDX1FtRGqkU4DS66sTswd3J0MaFsDYYRGZimU/3/2pJaptoQ=
x-amz-request-id: PCSZ1R902WJT8HE5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7

GET
H/1.1 200
200 ad Show response
s-rtb.send.microad.jp/ Frame A4BF 1 KB
2 KB 359ms
128ms Script
text/javascript 202.233.84.3
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microad.jp/ad?spot=891c57f379dd9e0cc3f7c7239783784d&cb=microadCompass.AdRequestor.callback&url=http%3A%2F%2Fmix.pendrawing.work%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=c6f661e052cdc80180e2ff2fcd

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.3 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

3ac41f480e85e13ff84150d135f7cd0ff080ec57cad7a640a08b4c610580a496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1403
X-XSS-Protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 44C9 0
0 41ms
39ms Fetch
image/gif 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsur_vwIYvVqUZ-lTk-rJNt2OqLJ5i4y6sQ9QnIjpUYv1y98Yshsp1Wn71ug2aZqrrkThulHXw_W3HKvpEMfvKZw7TZJUc-vFvvzS7GZ2H_PSgEX0Yrk7Ri_9NpgwfWQZWNrHhVpOQYoNSze4J_2E14jNWKvuXmaqhcOdHJwXIX42s06fUK8aqCO9YIfu6PIBB-RB4f7tb52PfB1DZn7bL6FK7S-5SmYd9y5N1No6cuzXxuh_ni0YdNG6QkiEdRIH6Tsxr8bAX9RwpGROIE1u-uHcMNBnAeBoZ6QKqgY5-Kpsot_0W0rIov3&sai=AMfl-YR_kV8XWG8-3IEweUhbHFK8G_dPx1aVAUvUXwLyLsSinTMEjc3slbu3-3xr_-MVDfdHSTWmqD28_pmHiwFUZRXvdk7Zz3NAl6z0zJwhJZycLqKfUrOt_V43BKCxj5hc&sig=Cg0ArKJSzJ9Kq5_Ol5-lEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 19:43:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13416/6c/20/ Frame 44C9 819 B
858 B 11ms
9ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13416/6c/20/
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: ab4c8a23da2dfb536d92bdd3a3ae700366616940aa8a4ac3452700db43cc3360

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
Content-Encoding: gzip
Server: nginx
Age: 246
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv11-osk01-jp (ApacheTrafficServer-second [uScRs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScSsSfUpSeN:t cCSpSs ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 377

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44C9 135 KB
41 KB 108ms
68ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 May 2022 19:43:36 GMT

GET
DATA 200
OK truncated
/ Frame A4BF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be4914b89b0eb4957b9d50fff1753e0b51007ad111fb3a4262a30fc119d111af

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK compass.js Show response
j.microad.net/js/ Frame 44C9 109 KB
25 KB 3ms
3ms Script
application/javascript 104.71.157.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://j.microad.net/js/compass.js
Requested by: Host: wtag.estlier.net
URL: http://wtag.estlier.net/tagapi1.0/13416/6c/20/
Protocol: HTTP/1.1
Server: 104.71.157.62 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-71-157-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc39e377fbff0ed82d8889ef8174b724ae80eab5c738d59b3712b10a03c2e0b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 11:47:47 GMT
Server: Apache
ETag: "1b5aa-gzip"
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: public, max-age=539704
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 25317
Expires: Fri, 27 May 2022 01:38:40 GMT

GET
H/1.1 200
OK cookie_loader.html Show response
cache.send.microad.jp/js/ Frame 18AD 2 KB
2 KB 4ms
4ms Document
text/html 14.0.42.24
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microad.jp/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.42.24 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 1909
Content-Type: text/html
Date: Fri, 20 May 2022 19:43:36 GMT
ETag: "10cf9c751f3fdad8c8784c6bf8cee57a"
Last-Modified: Thu, 28 Oct 2021 12:57:38 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PSrbJP1tu67:9 (W), 1.1 PSrbdjTYO3fx116:6 (W)
X-Px: ht PSrbdjTYO3fx116HND
X-Ws-Request-Id: 6287ef68_PSrbdjTYO3hy174_25046-63242
x-amz-id-2: 39syy1FzfVdhuE5XIArdiN0q/0HrDX1FtRGqkU4DS66sTswd3J0MaFsDYYRGZimU/3/2pJaptoQ=
x-amz-request-id: PCSZ1R902WJT8HE5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7

GET
H/1.1 200
200 ad Show response
s-rtb.send.microad.jp/ Frame 44C9 1 KB
2 KB 353ms
125ms Script
text/javascript 202.233.84.3
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microad.jp/ad?spot=fe50613ac8952494c0fa3392f6991330&cb=microadCompass.AdRequestor.callback&url=http%3A%2F%2Fmix.pendrawing.work%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=3ed1e427a78eaa0180e2ff30a8

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.3 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

f146d1b4cf943e122348d9d6f689f4a3072fe7167dbcccad614316f5f9bd36fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1277
X-XSS-Protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 44C9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 109ae4384e7db8d85b98b24a4fc0ec9819103c62ab5f685bbc588c6b6ba8e9d7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B1E2 0
0 42ms
41ms Fetch
image/gif 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxqLaJuEsm3LjayLk2478BFcJ0hMkFSBiEazyHz8-JREegMWhQCwD-5dlv_IL3VBTRjfMVUYB6WksA7Tv4QR42xDb8x3lZ9XzLLIR96N8MyIsaZ78rE3BVZ7p0m_lKJgarPZ-X-2_v8gWNRxaKT1QIuI8AB5pzcoDnOu7Lke56FQ1BIP_DWF86p6diCts81QGMWF7pbb1nnszTNhv3F4Ws5krEK0YzBbTwp-sSHD0-kzOLMzISsIHDyk_Xa9ot81jPYSbijwsWS20ilTuoxiD6P21RZ0PWoZjanciXkBdmGGDOulby28mY&sai=AMfl-YRm7HDxs2qeDmM1oVd_rDO_CrsU5sRLq3eKQnMOLckiQIkf_HvXwjJB6r1e_hFwnYNnJob5scEH8cKi7luAxv8iG9lZ_19Zibmj-sskI1pK08SeIoYN07zSvY53cNs2&sig=Cg0ArKJSzDgn7AmFPAfxEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 19:43:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13413/f0/20/ Frame B1E2 819 B
857 B 9ms
8ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13413/f0/20/
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: 67a288d2fb8b4a78e9f91ac03ad4d2f29db46c628285fa649b946fcf50bed5e3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
Content-Encoding: gzip
Server: nginx
Age: 249
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv08-osk01-jp (ApacheTrafficServer-second [uScHs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScHs f p eN:t cCHp s ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 376

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B1E2 135 KB
41 KB 120ms
120ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 May 2022 19:43:36 GMT

GET
H/1.1 200
OK compass.js Show response
j.microad.net/js/ Frame B1E2 109 KB
25 KB 3ms
3ms Script
application/javascript 104.71.157.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://j.microad.net/js/compass.js
Requested by: Host: wtag.estlier.net
URL: http://wtag.estlier.net/tagapi1.0/13413/f0/20/
Protocol: HTTP/1.1
Server: 104.71.157.62 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-71-157-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc39e377fbff0ed82d8889ef8174b724ae80eab5c738d59b3712b10a03c2e0b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 11:47:47 GMT
Server: Apache
ETag: "1b5aa-gzip"
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: public, max-age=539704
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 25317
Expires: Fri, 27 May 2022 01:38:40 GMT

GET
H2 200 adstir.js Show response
js.ad-stir.com/js/ Frame C3A8 62 KB
17 KB 17ms
2ms Script
text/javascript 13.33.174.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-stir.com/js/adstir.js
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.174.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-174-20.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5b251926f2de2a103761d5e5233d01f07a32c00545bffc4379ee1bc918a116b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:32:29 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 02:52:51 GMT
server: AmazonS3
age: 668
etag: W/"7b46a56c4cdf94d98ef34c2fdc9fea0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: NRT57-C2
x-amz-cf-id: 9xw_zwCl9LGPXmfGLboox7VO8leBbw4BvaQDQrhbZY6uXxQfA5wJBg==

GET
H/1.1 200
200 ic
ssp.send.microad.jp/ Frame C379 43 B
500 B 343ms
115ms Image
image/gif 202.233.84.16
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microad.jp/ic?ep=5YofvaCtzqEBritjVTLNMtp2qfk951SMTwPY43pW5lEm3k9JO6kk6sNK6DjgPOGw_C5SkPsvBfkzfKgr23rVZbl9sPG5byqM8qfVKe-tNC6fcuVsKPf7MDz3ArjyYw3JI60w6keqHWyQIPjk6DseiO6n8elfaeQ6l3rhfPzkPDQ4p3TU-rRKcgXZJQKo
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.16 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: image/gif
Content-Length: 57

GET
H/1.1

200
OK

microad2big.png
bigmining.com/pixel/ Frame C379
Redirect Chain

https://aid.send.microad.jp/asr?v=1&code=XtrNLKLWme8&format=pixel
https://bigmining.com/pixel/microad2big.png?id=1_QWUOwaRK8kK3C7ga3ur6_NW08UTVWYioS5boaPEKghQsNkBUAQBw

95 B
503 B

25ms
5ms

Image
image/png

18.180.182.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigmining.com/pixel/microad2big.png?id=1_QWUOwaRK8kK3C7ga3ur6_NW08UTVWYioS5boaPEKghQsNkBUAQBw
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 18.180.182.210 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-180-182-210.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Last-Modified: Mon, 10 Feb 2020 13:42:11 GMT
ETag: "5e415db3-5f"
P3P: CP="UNI CUR OUR", CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 95

Redirect headers

Date: Fri, 20 May 2022 19:43:37 GMT
Server: Apache
Location: https://bigmining.com/pixel/microad2big.png?id=1_QWUOwaRK8kK3C7ga3ur6_NW08UTVWYioS5boaPEKghQsNkBUAQBw
Strict-Transport-Security: max-age=3600
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
cache-control: no-cache
Connection: close
Content-Type
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 0

GET
H2

200

/
cs.adingo.jp/sync/ Frame C379
Redirect Chain

https://aid.send.microad.jp/asr?v=1&code=wjYYWZkhlE4&format=pixel
https://cs.adingo.jp/sync/?from=universe&id=G-hSg49WN7Y1m8vjHEseIiLGwDSYdBQl3G8zNV-HRUDa3Ubv7SI_Kw

43 B
424 B

5ms
4ms

Image
image/gif

13.113.134.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=universe&id=G-hSg49WN7Y1m8vjHEseIiLGwDSYdBQl3G8zNV-HRUDa3Ubv7SI_Kw
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Server: 13.113.134.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-134-169.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
expires: Wed, 17 Sep 1975 21:32:10 GMT

Redirect headers

Date: Fri, 20 May 2022 19:43:37 GMT
Server: Apache
Location: https://cs.adingo.jp/sync/?from=universe&id=G-hSg49WN7Y1m8vjHEseIiLGwDSYdBQl3G8zNV-HRUDa3Ubv7SI_Kw
Strict-Transport-Security: max-age=3600
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
cache-control: no-cache
Connection: close
Content-Type
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 0

GET
H/1.1 200
OK cookie_loader.html Show response
cache.send.microad.jp/js/ Frame 3A2C 2 KB
2 KB 4ms
4ms Document
text/html 14.0.42.24
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microad.jp/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.42.24 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 1909
Content-Type: text/html
Date: Fri, 20 May 2022 19:43:36 GMT
ETag: "10cf9c751f3fdad8c8784c6bf8cee57a"
Last-Modified: Thu, 28 Oct 2021 12:57:38 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PSrbJP1tu67:9 (W), 1.1 PSrbdjTYO3fx116:6 (W)
X-Px: ht PSrbdjTYO3fx116HND
X-Ws-Request-Id: 6287ef68_PSrbdjTYO3hy174_25046-63254
x-amz-id-2: 39syy1FzfVdhuE5XIArdiN0q/0HrDX1FtRGqkU4DS66sTswd3J0MaFsDYYRGZimU/3/2pJaptoQ=
x-amz-request-id: PCSZ1R902WJT8HE5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7

GET
H/1.1 200
200 ad Show response
s-rtb.send.microad.jp/ Frame B1E2 1 KB
2 KB 231ms
123ms Script
text/javascript 202.233.84.3
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microad.jp/ad?spot=db21cd1ae33f1e6068c0f51ec06779c5&cb=microadCompass.AdRequestor.callback&url=http%3A%2F%2Fmix.pendrawing.work%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=cb17622afd84f00180e2ff3135

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.3 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

d88751f8b991a5633a4756d7e6fa88aadef1c4c8f81c012b8fe75a2cddf9e5e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1402
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13415/b3/2/ Frame 029F 388 B
728 B 8ms
8ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13415/b3/2/
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: b7164022757cc99fc819165b6c3505a988830dfb7ba9a9b21a0e4ee16e4c4997

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
Content-Encoding: gzip
Server: nginx
Age: 88
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv11-osk01-jp (ApacheTrafficServer-second [uScSsSfUpSeN:t cCSp sS]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScHs f p eN:t cCHp s ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 248

GET
H/1.1

200
OK

microad2big.png
bigmining.com/pixel/ Frame A4BF
Redirect Chain

https://aid.send.microad.jp/asr?v=1&code=XtrNLKLWme8&format=pixel
https://bigmining.com/pixel/microad2big.png?id=1_QWUOwaRK8kK3C7ga3ur6_NW08UTVWYioS5boaPEKghQsNkBUAQBw

95 B
503 B

10ms
5ms

Image
image/png

18.180.182.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigmining.com/pixel/microad2big.png?id=1_QWUOwaRK8kK3C7ga3ur6_NW08UTVWYioS5boaPEKghQsNkBUAQBw
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 18.180.182.210 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-180-182-210.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Last-Modified: Mon, 10 Feb 2020 13:46:28 GMT
ETag: "5e415eb4-5f"
P3P: CP="UNI CUR OUR", CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 95

Redirect headers

Date: Fri, 20 May 2022 19:43:37 GMT
Server: Apache
Location: https://bigmining.com/pixel/microad2big.png?id=1_QWUOwaRK8kK3C7ga3ur6_NW08UTVWYioS5boaPEKghQsNkBUAQBw
Strict-Transport-Security: max-age=3600
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
cache-control: no-cache
Connection: close
Content-Type
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 0

GET
H/1.1 200
200 ic
ssp.send.microad.jp/ Frame A4BF 43 B
500 B 342ms
115ms Image
image/gif 202.233.84.16
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microad.jp/ic?ep=5YofvaCzxIICAmFT7vI5DMLX-F605yjoJAGA_xVP9W6fdPHrnwbgN1T6bPyp0ma6fJTkPQuUs9O_02z2TMpRofCTN_s51ZwhAhxjA2MC8PMM3nGsYRu3srxNtC0G0IvbtwL0N9AamajZzlv6XJWcMSocR8PTxgTzNN5RrIEKuz64Hb2RkosKWImQmqfs
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.16 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: image/gif
Content-Length: 57

GET
H2 404 ad
ad.ad-stir.com/ Frame C3A8 0
0 68ms
9ms Script
text/html 54.64.59.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-stir.com/ad?app_id=MEDIA-f9d91b43&ad_spot_no=5&locale=en&ut=1653075816862&topframe=0&origin=http%3A%2F%2Fmix.pendrawing.work%2F&sw=1600&sh=1200&dpr=1&novideo=0&topurl=1&adstir_media_uid=228e5881-d8d6-42c7-95ff-62e8e90a5a52&adstir_optout=1&callback=AdstirCB5330946242A4873777922
Requested by: Host: js.ad-stir.com
URL: https://js.ad-stir.com/js/adstir.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.59.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-59-131.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 f.js Show response
cdn-fluct.sh.adingo.jp/ Frame 029F 3 KB
3 KB 43ms
38ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000104662
Requested by: Host: wtag.estlier.net
URL: http://wtag.estlier.net/tagapi1.0/13415/b3/2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:36 GMT
via: 1.1 google
last-modified: Mon, 12 Apr 2021 01:23:17 GMT
server: nginx
etag: "cf5ec206a0bc2705586f1c0fb0bd458b"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2747
expires: Fri, 20 May 2022 20:43:36 GMT

GET
H2 200 / Show response
sh.adingo.jp/ Frame 029F 11 KB
4 KB 25ms
25ms Script
application/x-javascript 54.199.239.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/?G=1000104662&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=74778680128762&guid=ON

Requested by

Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000104662

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.199.239.233 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-199-239-233.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d7c9529ec19223478d47d52e7610b45b9cc2c7dfa3b09019b0b35de527f46e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 19:43:36 GMT
server: nginx
vary: Accept-Encoding
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
content-type: application/x-javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 load_adstir_optout.html Show response
js.ad-stir.com/js/ Frame 13AF 546 B
893 B 3ms
2ms Document
text/html 13.33.174.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-stir.com/js/load_adstir_optout.html?url=http://mix.pendrawing.work/
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.174.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-174-20.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afb4895708b7ace5b1431f025508b030af5b4b23a133058744a94de67eeb7c70

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 668
cache-control: max-age=3600
content-length: 546
content-type: text/html; charset=utf-8
date: Fri, 20 May 2022 19:32:29 GMT
etag: "9b806bc4689e00e6824dc1594225523a"
last-modified: Mon, 16 May 2022 02:52:51 GMT
server: AmazonS3
via: 1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
x-amz-cf-id: sS-f5-GANw7PusvXuJQCrkE8T8pSDtzzSnVXfgg5rfhfjt67g0K8qg==
x-amz-cf-pop: NRT57-C2
x-cache: Hit from cloudfront

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5742 15 KB
6 KB 16ms
3ms Document
text/html 23.44.52.240
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Requested by: Host: sh.adingo.jp
URL: https://sh.adingo.jp/?G=1000104662&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=74778680128762&guid=ON
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-52-240.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=144946
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 20 May 2022 19:43:36 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sun, 22 May 2022 11:59:22 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 200
OK sync
sync.fout.jp/ Frame 029F 43 B
527 B 364ms
121ms Image
image/gif 202.232.238.37
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.fout.jp/sync?xid=fluct

Requested by

Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

202.232.238.37 Minato-ku, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=15768000
P3P: CP="ADM NOI OUR"
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/gif

GET
H2

200

/
cs.adingo.jp/sync/ Frame 029F
Redirect Chain

https://bid.socdm.com/rtb/sync?proto=adingo&sspid=adingo&tp=http%3A%2F%2Fmix.pendrawing.work%2F&pp=http%3A%2F%2Fmix.pendrawing.work%2F&t=.gif
https://cs.adingo.jp/sync/?from=scaleout&id=YofvaMCo8HgAAIrIBrgAAAAA

43 B
398 B

17ms
7ms

Image
image/gif

13.113.134.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=scaleout&id=YofvaMCo8HgAAIrIBrgAAAAA
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Server: 13.113.134.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-134-169.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:36 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
expires: Wed, 17 Sep 1975 21:32:10 GMT

Redirect headers

X-SO-Cluster-ID: 6
Date: Fri, 20 May 2022 19:43:36 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=adingo&sspid=adingo&tp=http%3A%2F%2Fmix.pendrawing.work%2F&pp=http%3A%2F%2Fmix.pendrawing.work%2F&t=.gif","cluster_id":6,"gdpr":false,"ipv4":"217.138.252.184","key":"YofvaMCo8HgAAIrIBrgAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40382"}
X-SO-Ads-Time: 2
X-SO-Key: YofvaMCo8HgAAIrIBrgAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40382
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cs.adingo.jp/sync/?from=scaleout&id=YofvaMCo8HgAAIrIBrgAAAAA
Cache-Control: private
X-SO-HostName: a-ad40382.dc2p.scaleout.jp
Connection: keep-alive
Content-Length: 0
X-SO-LB-Hostname: m-ng20.dc4p.scaleout.jp
X-SO-IP: 217.138.252.184

GET
H2

200

/
cs.adingo.jp/sync/ Frame 029F
Redirect Chain

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=fluct
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=fluct&uid-set=1
https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dfluct%26uid%2Dset%3D1%26auid%3D
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=fluct&uid-set=1&auid=3c469ce8-2d7c-46f0-93f0-e49cb8a82055
https://cs.adingo.jp/sync/?from=fbit&id=o7GE-9sHqo9-Q

43 B
386 B

4ms
3ms

Image
image/gif

13.113.134.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=fbit&id=o7GE-9sHqo9-Q
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Server: 13.113.134.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-134-169.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:36 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
expires: Wed, 17 Sep 1975 21:32:10 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 May 2022 19:43:36 GMT
Server: nginx
Location: https://cs.adingo.jp/sync/?from=fbit&id=o7GE-9sHqo9-Q
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 0
expires: -1

GET
H2

200

/
cs.adingo.jp/sync/ Frame 029F
Redirect Chain

https://bypass.ad-stir.com/push_sync?xid=fluct
https://cs.adingo.jp/sync/?from=bypass&id=1c685b34-b560-4c11-876c-31af5887586c

43 B
405 B

15ms
4ms

Image
image/gif

13.113.134.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=bypass&id=1c685b34-b560-4c11-876c-31af5887586c
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Server: 13.113.134.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-134-169.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:36 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
expires: Wed, 17 Sep 1975 21:32:10 GMT

Redirect headers

location: https://cs.adingo.jp/sync/?from=bypass&id=1c685b34-b560-4c11-876c-31af5887586c
date: Fri, 20 May 2022 19:43:36 GMT
content-length: 1
content-type: text/html; charset=utf-8

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame 029F
Redirect Chain

https://x.bidswitch.net/sync?ssp=fluct
https://x.bidswitch.net/ul_cb/sync?ssp=fluct
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=

43 B
641 B

51ms
42ms

Image
image/gif

35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:36 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=
Date: Fri, 20 May 2022 19:43:36 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

/
cs.adingo.jp/sync/ Frame 029F
Redirect Chain

https://api.primecaster.net/adlogue/api/sync/fluct
https://api.primecaster.net/adlogue/api/sync/fluct?uid-set=1
https://cs.adingo.jp/sync/?from=pricas&id=4RYytIrN7N

43 B
386 B

5ms
5ms

Image
image/gif

13.113.134.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=pricas&id=4RYytIrN7N
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Server: 13.113.134.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-134-169.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:36 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
expires: Wed, 17 Sep 1975 21:32:10 GMT

Redirect headers

Location: https://cs.adingo.jp/sync/?from=pricas&id=4RYytIrN7N
Date: Fri, 20 May 2022 19:43:36 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=UTF-8

GET
H2

200

/
cs.adingo.jp/sync/ Frame 029F
Redirect Chain

https://cr-p20.ladsp.com/cookiesender/20
https://cr-p20.ladsp.com/cookiesender/20?cr=true
https://cs.adingo.jp/sync/?from=logicad&id=AYXbr6nlWFpKks8ADsLzWLkgms8AAAGA4v8yDw

43 B
409 B

3ms
3ms

Image
image/gif

13.113.134.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=logicad&id=AYXbr6nlWFpKks8ADsLzWLkgms8AAAGA4v8yDw
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Server: 13.113.134.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-134-169.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:36 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
expires: Wed, 17 Sep 1975 21:32:10 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:36 GMT
via: 1.1 b6c849f24d6f543ce156a56dc112cd48.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: NRT57-C3
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://cs.adingo.jp/sync/?from=logicad&id=AYXbr6nlWFpKks8ADsLzWLkgms8AAAGA4v8yDw
cache-control: no-cache
content-length: 0
x-amz-cf-id: Gg0nr141iYoyWNWFD8UPKtJnelHLjdZ0RPYyM3hmrEGgUbjnksGHxA==
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 029F
Redirect Chain

https://cs.adingo.jp/adx/go/?nid=fluct_eb
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_hm=bd2e0bf6b71542fb614b58113e81df78

170 B
502 B

89ms
40ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_hm=bd2e0bf6b71542fb614b58113e81df78

Requested by

Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_hm=bd2e0bf6b71542fb614b58113e81df78
date: Fri, 20 May 2022 19:43:36 GMT
server: nginx
content-type: text/html; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H2

200

/
cs.adingo.jp/sync/ Frame 029F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=dj0pjjk&ttd_tpi=1
https://cs.adingo.jp/sync/?from=tdid&id=5c33c685-8d9b-4a16-9aef-4f3066e3a88d&ttl=1655667816

43 B
402 B

3ms
3ms

Image
image/gif

13.113.134.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=tdid&id=5c33c685-8d9b-4a16-9aef-4f3066e3a88d&ttl=1655667816
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Server: 13.113.134.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-134-169.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:36 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
expires: Wed, 17 Sep 1975 21:32:10 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:36 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.adingo.jp/sync/?from=tdid&id=5c33c685-8d9b-4a16-9aef-4f3066e3a88d&ttl=1655667816
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 213

GET
H/1.1

200

cs
discoveryplus.popin.cc/popin_discovery/ Frame 029F
Redirect Chain

https://cs.adingo.jp/popin/?id=bd2e0bf6b71542fb614b58113e81df78
https://discoveryplus.popin.cc/popin_discovery/cs?pid=fluct&puid=bd2e0bf6b71542fb614b58113e81df78

35 B
461 B

16ms
3ms

Image
image/gif

119.63.198.176
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discoveryplus.popin.cc/popin_discovery/cs?pid=fluct&puid=bd2e0bf6b71542fb614b58113e81df78
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 119.63.198.176 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: nginx/1.13.5
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

location: https://discoveryplus.popin.cc/popin_discovery/cs?pid=fluct&puid=bd2e0bf6b71542fb614b58113e81df78
date: Fri, 20 May 2022 19:43:36 GMT
server: nginx
content-type: text/html; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H2 200 fltids
aud.adjust-net.jp/adfrontserver/ Frame 029F 0
50 B 19ms
5ms Image
text/plain 3.114.252.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.adjust-net.jp/adfrontserver/fltids?val=bd2e0bf6b71542fb614b58113e81df78
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.252.10 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-252-10.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:36 GMT
content-length: 0
server: nginx

GET
H/1.1 200
OK compass.js Show response
j.microad.net/js/ Frame 497D 109 KB
25 KB 8ms
8ms Script
application/javascript 104.71.157.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://j.microad.net/js/compass.js
Requested by: Host: sh.adingo.jp
URL: https://sh.adingo.jp/?G=1000104662&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=74778680128762&guid=ON
Protocol: HTTP/1.1
Server: 104.71.157.62 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-71-157-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc39e377fbff0ed82d8889ef8174b724ae80eab5c738d59b3712b10a03c2e0b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 11:47:47 GMT
Server: Apache
ETag: "1b5aa-gzip"
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: public, max-age=539704
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 25317
Expires: Fri, 27 May 2022 01:38:40 GMT

GET
H2 200 /
i.adingo.jp/ Frame 029F 43 B
408 B 5ms
5ms Image
image/gif 54.92.2.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.adingo.jp/?p=Bmy2PPMm1WdzjRkeaxw8dISwONOknpT3664u-jKhlaQas5LLqJWK3p-L8cGbpo8IAoEWQwaWXNKUwA7VB1S-G9iaTnB9AQRhjqQ1HFHK6Umg2oAAqo4sVqJ3dG_2eC20pfiXSWKxWjOaFxDFFxKahEegFbxTAhJnXbK9F1hIPHBcBhC9TXxIpW9TgC7M_1KawqThjq2mE4ugpisEpYakkMYoBu-HOEsWqk1eE-cxYPw3h4drO97OVolRI30nU2ZjI8InOPTOT2qcIYCGB-23CURppiL4uQdxfzlyDvDvyzDkOihbVBlBKERhgHeC9MDTo31AGUXOB0UYXw6YwXnBgLzf&v=UAJvUfku11YsavGH&k=3&R=
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.2.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-92-2-218.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:36 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EB38 0
0 44ms
43ms Fetch
image/gif 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfBbXijoyoUwRxRpxEz60I-uAIJ3hojZAXlHQWhf50EMBuvCZGo6TIXOHRKjo0f4G6mqsbsletrarxzBoaDocjs9LmgSl629AgSB2I6eFirzPLplUQGR1f99vdujcrk-tJL6Z2XXVhs_49LLBuXYMWVnV19M1-GaWo70EiqA4WExx5HuRmV8V1zObcaubDeyW3z3nAtC_jofWATVivHrmNGGBdJ6Vx4D6g84TLU4G43CwfKGZZ2FjuW_3g5RmtfPt27_UVkb2SJ9O-e2AJ_yzgd6UPl-B5dfTBF4N55quSKLA7Qpc16a6N&sai=AMfl-YRRmpsHVK77LGF1cYyjC-Z5jTNaOf2j3fOTabjr5PCaU6pxpLjsyJ_79P9RBm6_g2win-h6mUlI99L2ldJCyhdIqiL_e3NDYp0XQgnMUU9-mCvfcvaa17YrOnI6zgthufw&sig=Cg0ArKJSzGaloWoP4HwMEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 19:43:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13420/61/20/ Frame EB38 819 B
859 B 9ms
9ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13420/61/20/
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: 435b49d0a7cb76c9bc8893309b67ddd6d5eb91262fe6069d154dd699016fbb8d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
Content-Encoding: gzip
Server: nginx
Age: 137
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv06-osk01-jp (ApacheTrafficServer-second [uScSsSfUpSeN:t cCSp sS]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScHs f p eN:t cCHp s ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 378

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB38 135 KB
41 KB 51ms
51ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 May 2022 19:43:36 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5742 3 KB
4 KB 13ms
2ms Script
text/html 103.231.99.243
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=33453926&p=156313&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: f9c9561233a15b74e905eaa28dc038cea8de22266634173bd1b84d12fb34bf77

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:36 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK compass.js Show response
j.microad.net/js/ Frame EB38 109 KB
25 KB 3ms
3ms Script
application/javascript 104.71.157.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://j.microad.net/js/compass.js
Requested by: Host: wtag.estlier.net
URL: http://wtag.estlier.net/tagapi1.0/13420/61/20/
Protocol: HTTP/1.1
Server: 104.71.157.62 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-71-157-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc39e377fbff0ed82d8889ef8174b724ae80eab5c738d59b3712b10a03c2e0b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 11:47:47 GMT
Server: Apache
ETag: "1b5aa-gzip"
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: public, max-age=539704
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 25317
Expires: Fri, 27 May 2022 01:38:40 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A78B
Redirect Chain

https://cr-p10.ladsp.jp/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
https://cr-pall.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
https://cr-pall.ladsp.com/cookiesender/10?cr=true&https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AYXbr6nlWFpKks8ADsLzWLkgms8AAAGA4v8x8A

42 B
292 B

2ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AYXbr6nlWFpKks8ADsLzWLkgms8AAAGA4v8x8A
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 20 May 2022 09:57:55 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
date: Fri, 20 May 2022 19:43:36 GMT
expires: -1
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AYXbr6nlWFpKks8ADsLzWLkgms8AAAGA4v8x8A
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
pragma: no-cache
server: Logicad
via: 1.1 2db79171f5f60ceb7ed4b286fa3572be.cloudfront.net (CloudFront)
x-amz-cf-id: XxZ98zuBUUIoEPpajGZQCfEcLo6jWLVtjVDLM6AHy5KISzwst0ykEA==
x-amz-cf-pop: NRT57-C3
x-cache: Miss from cloudfront

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9548
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b8006287-ef69-4400-9381-a9cfbd985022&gdpr=0&gdpr_consent=

42 B
504 B

2ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b8006287-ef69-4400-9381-a9cfbd985022&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 20 May 2022 10:08:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Fri, 20 May 2022 19:43:37 GMT
Expires: Fri, 20 May 2022 19:43:36 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4419 e1034d5 master hkg-pixel-x19 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b8006287-ef69-4400-9381-a9cfbd985022&gdpr=0&gdpr_consent=

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame F770 43 B
363 B 11ms
2ms Document
image/gif 182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 19:43:36 GMT
expires: Fri, 20 May 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 370135
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 027C
Redirect Chain

https://ds.uncn.jp/pm/0/sync
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_3418df40-eea4-46d3-85be-2b69733ba06d

42 B
440 B

17ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_3418df40-eea4-46d3-85be-2b69733ba06d
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 20 May 2022 19:43:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 170
Content-Type: text/html; charset=utf-8
Date: Fri, 20 May 2022 19:43:36 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_3418df40-eea4-46d3-85be-2b69733ba06d
Server: Apache

GET b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 0D0D 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 18A1
Redirect Chain

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dpubmatic%26rd%3Dhttps%253A%2F%2Fsimage2%2Epubmatic%2Ecom%2FAdServer%2FPug%253...
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&auid=3c469ce8-2d7c-46f...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=2w3u91dYnty

42 B
190 B

2ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=2w3u91dYnty
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 20 May 2022 19:43:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-store,no-cache
Connection: close
Content-Length: 0
Date: Fri, 20 May 2022 19:43:36 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=2w3u91dYnty
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma: no-cache
Server: nginx
expires: -1

GET
H2 200 / Show response
cs.adingo.jp/sync/ Frame 7BEB 43 B
405 B 4ms
3ms Document
image/gif 13.113.134.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.adingo.jp/sync/?from=pubm&id=4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.134.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-134-169.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
date: Fri, 20 May 2022 19:43:36 GMT
expires: Wed, 17 Sep 1975 21:32:10 GMT
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma: no-cache
server: nginx

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5742
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TOf36BOJRtysbio6LOI51A%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

3ms
3ms

Image
text/html

23.44.52.240
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol: H2
Server: 23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-52-240.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=144945
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Sun, 22 May 2022 11:59:22 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 5742
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4&sInitiator=external&gdpr=0&gdpr_consent=

42 B
569 B

59ms
59ms

Image
image/gif

119.9.108.180
RACKSPACE-AP Rack...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol: HTTP/1.1
Server: 119.9.108.180 Central, Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:28 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:28 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 5742
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4&gdpr=0&gdpr_consent=&ct=y

49 B
542 B

81ms
79ms

Image
image/gif

13.213.158.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4&gdpr=0&gdpr_consent=&ct=y
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol: H2
Server: 13.213.158.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-213-158-231.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.4.0
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4&gdpr=0&gdpr_consent=&ct=y
cache-control: no-cache
x-server: 10.42.17.58
content-length: 0
expires: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 5742
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIQJAggRGL86PCJ2JkMIcRE&google_cver=1

42 B
348 B

6ms
2ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIQJAggRGL86PCJ2JkMIcRE&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:31:56 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIQJAggRGL86PCJ2JkMIcRE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 5742 43 B
613 B 296ms
77ms Image
image/gif 161.202.200.115
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.202.200.115 Tokyo, Japan, ASN36351 (SOFTLAYER, US),

Reverse DNS

73.c8.caa1.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 19 May 2022 19:43:37 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5742
Redirect Chain

https://tg.socdm.com/rtb/sync?proto=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=YofvaMCo8HgAAIrIBrgAAAAA

42 B
201 B

3ms
2ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=YofvaMCo8HgAAIrIBrgAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:36 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 20 May 2022 19:43:36 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=pubmatic","cluster_id":6,"gdpr":false,"ipv4":"217.138.252.184","key":"YofvaMCo8HgAAIrIBrgAAAAA","privacy_sensitive":false,"uid":"YofvaMCo8HgAAIrIBrgAAAAA","upstream_id":"a-ad40382"}
X-SO-Key: YofvaMCo8HgAAIrIBrgAAAAA
X-SO-Upstream-ID: a-ad40382
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: a-ad40382.dc2p.scaleout.jp
X-SO-UID: YofvaMCo8HgAAIrIBrgAAAAA
Connection: keep-alive
Content-Length: 0
X-SO-IP: 217.138.252.184
X-SO-Cluster-ID: 6
Server: nginx
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=YofvaMCo8HgAAIrIBrgAAAAA
Cache-Control: private
X-SO-Ads-Time: 4
X-SO-LB-Hostname: a-tgng40009.dc2p.scaleout.jp

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5742
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5c33c685-8d9b-4a16-9aef-4f3066e3a88d

42 B
279 B

3ms
2ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5c33c685-8d9b-4a16-9aef-4f3066e3a88d
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:36 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:36 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5c33c685-8d9b-4a16-9aef-4f3066e3a88d
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5742
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=6&t=pixel&ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=433&user_id=eia8lnae3wvu&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4c57029c-9957-4ff1-83f1-f0ff17b38e45&gdpr=&gdpr_consent=&gdpr_pd=

1 B
285 B

2ms
2ms

Image
text/html

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4c57029c-9957-4ff1-83f1-f0ff17b38e45&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4c57029c-9957-4ff1-83f1-f0ff17b38e45&gdpr=&gdpr_consent=&gdpr_pd=
Date: Fri, 20 May 2022 19:43:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5742 43 B
988 B 217ms
74ms Image
image/gif 2406:da18:929:5a01:a378:6e6:f85f:9802
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2406:da18:929:5a01:a378:6e6:f85f:9802 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 5742
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bLR4EetE2uV1fmEzgnORQsBPnEmeP48-~A&gdpr=0&gdpr_consent=

0
261 B

17ms
3ms

Image
text/plain

103.231.99.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bLR4EetE2uV1fmEzgnORQsBPnEmeP48-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol: H2
Server: 103.231.99.81 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:36 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bLR4EetE2uV1fmEzgnORQsBPnEmeP48-~A&gdpr=0&gdpr_consent=
date: Fri, 20 May 2022 19:43:36 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5742
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=316937144418363931

42 B
398 B

2ms
2ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=316937144418363931
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=316937144418363931
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 5742
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3834589878498567173&gdpr=0&gdpr_consent=

42 B
398 B

2ms
2ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3834589878498567173&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 11:55:12 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Fri, 20 May 2022 19:43:37 GMT
X-Proxy-Origin: 217.138.252.184; 217.138.252.184; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: d0d828d0-475c-4708-a7b3-a2239fd42945
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3834589878498567173&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B1E2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03bb35449be6e7e53855fdb37a001c8c091847b7b061987417d09bebe029abd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EB38 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7de21dc8608e8f8014f08d39ae0650fbf1a555dbbc7748d8aa7a86863cafb93

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13416/6c/2/ Frame 3138 388 B
729 B 9ms
8ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13416/6c/2/
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: 4baf2d07feacb7fa5a575a7ca13f20f150e725395bbc8fd8e0c76a71229ec027

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:36 GMT
Content-Encoding: gzip
Server: nginx
Age: 239
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv03-osk01-jp (ApacheTrafficServer-second [uScHs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScHs f p eN:t cCHp s ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 248

GET
H/1.1 200
200 ic
ssp.send.microad.jp/ Frame 44C9 43 B
500 B 342ms
115ms Image
image/gif 202.233.84.16
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microad.jp/ic?ep=5YofvaDmyggDjptMZyiBfIqtavEDT_bmbARMcuTIHB8drozLruszct6pdRvwX6D_Z7LJaBHVs-RePr-zxplIRqke8b4i87F0GF1jNILvI7aGjWhLOJZx66drmXgckYvsau8nclpJgE-AQ52_R7OxZDBdR_QyK9e2vo1IS9iHfXujExFz9fbkl2mQuxXY
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.16 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: image/gif
Content-Length: 57

GET
H/1.1 200
OK cookie_loader.html Show response
cache.send.microad.jp/js/ Frame B0E8 2 KB
2 KB 5ms
4ms Document
text/html 14.0.42.24
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microad.jp/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.42.24 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 1909
Content-Type: text/html
Date: Fri, 20 May 2022 19:43:36 GMT
ETag: "10cf9c751f3fdad8c8784c6bf8cee57a"
Last-Modified: Thu, 28 Oct 2021 12:57:38 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PSrbJP1tu67:9 (W), 1.1 PSrbdjTYO3fx116:6 (W)
X-Px: ht PSrbdjTYO3fx116HND
X-Ws-Request-Id: 6287ef68_PSrbdjTYO3hy174_25046-63270
x-amz-id-2: 39syy1FzfVdhuE5XIArdiN0q/0HrDX1FtRGqkU4DS66sTswd3J0MaFsDYYRGZimU/3/2pJaptoQ=
x-amz-request-id: PCSZ1R902WJT8HE5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7

GET
H/1.1 200
200 ad Show response
s-rtb.send.microad.jp/ Frame 497D 2 KB
2 KB 116ms
116ms Script
text/javascript 202.233.84.3
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microad.jp/ad?spot=435395711d21349cec22a68bd12a96d1&cb=microadCompass.AdRequestor.callback&url=http%3A%2F%2Fmix.pendrawing.work%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=b47eeb4b4548980180e2ff3221

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.3 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

715fc8166b662355264c65cde74c9c2b8d98d3979e31891d95f942bd691e6494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1840
X-XSS-Protection: 1; mode=block

GET
H3 200 f.js Show response
cdn-fluct.sh.adingo.jp/ Frame 3138 3 KB
3 KB 39ms
39ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000104663
Requested by: Host: wtag.estlier.net
URL: http://wtag.estlier.net/tagapi1.0/13416/6c/2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
via: 1.1 google
last-modified: Mon, 12 Apr 2021 01:23:17 GMT
server: nginx
etag: "cf5ec206a0bc2705586f1c0fb0bd458b"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2747
expires: Fri, 20 May 2022 20:43:37 GMT

GET
H/1.1 200
OK cookie_loader.html Show response
cache.send.microad.jp/js/ Frame 56A3 2 KB
2 KB 8ms
8ms Document
text/html 14.0.42.24
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microad.jp/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.42.24 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 1909
Content-Type: text/html
Date: Fri, 20 May 2022 19:43:37 GMT
ETag: "10cf9c751f3fdad8c8784c6bf8cee57a"
Last-Modified: Thu, 28 Oct 2021 12:57:38 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PSrbJP1tu67:9 (W), 1.1 PSrbdjTYO3fx116:6 (W)
X-Px: ht PSrbdjTYO3fx116HND
X-Ws-Request-Id: 6287ef69_PSrbdjTYO3hy174_25046-63271
x-amz-id-2: 39syy1FzfVdhuE5XIArdiN0q/0HrDX1FtRGqkU4DS66sTswd3J0MaFsDYYRGZimU/3/2pJaptoQ=
x-amz-request-id: PCSZ1R902WJT8HE5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7

GET
H/1.1 200
200 ad Show response
s-rtb.send.microad.jp/ Frame EB38 1 KB
2 KB 400ms
173ms Script
text/javascript 202.233.84.3
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microad.jp/ad?spot=7f5aa49957898c0166c5b047ccbd7c61&cb=microadCompass.AdRequestor.callback&url=http%3A%2F%2Fmix.pendrawing.work%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=d506ec22d05a180180e2ff322a

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.3 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

156657a90d166e5563662d521fb308ed88795606b07ff65e470997972d046413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1493
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13413/f0/2/ Frame C7C8 388 B
729 B 8ms
8ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13413/f0/2/
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: affd70cd314405fd60a64b173fe1fe3f553821e07e4a135e1e88ac710b9d7d08

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: nginx
Age: 240
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv02-osk01-jp (ApacheTrafficServer-second [uScHs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScHs f p eN:t cCHp s ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 248

GET
H/1.1 200
200 ic
ssp.send.microad.jp/ Frame B1E2 43 B
500 B 324ms
116ms Image
image/gif 202.233.84.16
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microad.jp/ic?ep=5YofvaDrjrwBuQC2VW9x3yFkI2psYfLLuHuDcYlkumfTCOOFuS9GUWBRPsBK63e2FxY01abl36wh-sqQeGEDnROqJvdSV0zJr20PfP0rVpU4dSOQgiKmttfPZMWroeekIStKUeSxy5Q692LuHw9kwa9tK7xN74qNKG0riEozqjLTRqVPjQwqLxZj6vdc
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.16 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: image/gif
Content-Length: 57

GET
H/1.1

200
OK

idsync
tg.socdm.com/aux/ Frame B1E2
Redirect Chain

https://aid.send.microad.jp/asr?v=1&code=Utqpjbqy87I&format=pixel
https://tg.socdm.com/aux/idsync?proto=universe&ssp_uid=LhW9tI7WjZsNGTH6lzAwgAFsfZZle53IHTvSpG0fTzqkXmY-47yjiw

43 B
952 B

47ms
44ms

Image
image/gif

202.241.208.55
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=universe&ssp_uid=LhW9tI7WjZsNGTH6lzAwgAFsfZZle53IHTvSpG0fTzqkXmY-47yjiw
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 202.241.208.55 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=universe&ssp_uid=LhW9tI7WjZsNGTH6lzAwgAFsfZZle53IHTvSpG0fTzqkXmY-47yjiw","cluster_id":6,"gdpr":false,"ipv4":"217.138.252.184","key":"YofvaMCo8HgAAIrIBrgAAAAA","privacy_sensitive":false,"uid":"YofvaMCo8HgAAIrIBrgAAAAA","upstream_id":"a-ad40382"}
X-SO-Key: YofvaMCo8HgAAIrIBrgAAAAA
X-SO-Upstream-ID: a-ad40382
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: a-ad40382.dc2p.scaleout.jp
X-SO-UID: YofvaMCo8HgAAIrIBrgAAAAA
Connection: keep-alive
Content-Length: 43
X-SO-IP: 217.138.252.184
X-SO-Cluster-ID: 6
Server: nginx
Content-Type: image/gif
Cache-Control: private
X-SO-Ads-Time: 40
X-SO-LB-Hostname: a-tgng40009.dc2p.scaleout.jp

Redirect headers

Date: Fri, 20 May 2022 19:43:37 GMT
Server: Apache
Location: https://tg.socdm.com/aux/idsync?proto=universe&ssp_uid=LhW9tI7WjZsNGTH6lzAwgAFsfZZle53IHTvSpG0fTzqkXmY-47yjiw
Strict-Transport-Security: max-age=3600
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
cache-control: no-cache
Connection: close
Content-Type
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 0

GET
H3 200 f.js Show response
cdn-fluct.sh.adingo.jp/ Frame C7C8 3 KB
3 KB 53ms
52ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000104660
Requested by: Host: wtag.estlier.net
URL: http://wtag.estlier.net/tagapi1.0/13413/f0/2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
via: 1.1 google
last-modified: Mon, 12 Apr 2021 01:23:17 GMT
server: nginx
etag: "cf5ec206a0bc2705586f1c0fb0bd458b"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2747
expires: Fri, 20 May 2022 20:43:37 GMT

GET
H2 200 / Show response
sh.adingo.jp/ Frame 3138 7 KB
4 KB 33ms
33ms Script
application/x-javascript 54.199.239.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/?G=1000104663&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=97862609374354&guid=ON

Requested by

Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000104663

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.199.239.233 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-199-239-233.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d72e28d7a45f8920c009c7687b0b3cfff277782f447ef9fa1773259c130b64de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 19:43:37 GMT
server: nginx
vary: Accept-Encoding
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
content-type: application/x-javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4DF8 0
0 44ms
44ms Fetch
image/gif 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss15mktDoTZHCSrNQPbAJaMToSgxHeOP2h5gWO_-G1ajn9GmaYDrmfsgqpjI_28SZ7SwwiPezvi0GI9s6GHLuUOlalEjRuDjK2_1haD6Ht5f8UEydP3Ergr77NifJEykx8t4d8fJZ0I2mfm-tHrr1CnuJQUO4Ve4QjwQs37RkYxWafZiNzF9e6Ei4DFalOC10tJh-OmcoGa2ERVHQ0TiZIKjA8N-01_rjifUBzl8gmmqneP--vZDV-y_hcgOj3qUW9FkFP8xj1ZTvXqb3sH_OgcNph-L-osL2xH8-W7Cd7Q8ZY0HKifmlRu&sai=AMfl-YTmCaOcYig8dxdqErXYT1D_SubMR8jFI0Zy47KA82vanEvZ9P5Gg8BmwlYVZglqzyYjAosSrudBFGm7r2WRvGC3-LMidluv7spiAeRAmGxcodhdGXxiqqwj32ex7G1r&sig=Cg0ArKJSzNmW3TaDCBIgEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 19:43:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13419/3a/20/ Frame 4DF8 819 B
859 B 9ms
9ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13419/3a/20/
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: a43720005064626c3b8d2b80172d524b7b3be9e0655acff3310deece21944a9f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: nginx
Age: 233
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv12-osk01-jp (ApacheTrafficServer-second [uScRs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScSsSfUpSeN:t cCSpSs ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 378

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4DF8 135 KB
41 KB 58ms
58ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 May 2022 19:43:37 GMT

GET
H/1.1 200
OK sync
sync.fout.jp/ Frame 3138 43 B
395 B 266ms
121ms Image
image/gif 202.232.238.37
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.fout.jp/sync?xid=fluct

Requested by

Host: sh.adingo.jp
URL: https://sh.adingo.jp/?G=1000104663&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=97862609374354&guid=ON

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

202.232.238.37 Minato-ku, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=15768000
P3P: CP="ADM NOI OUR"
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/gif

GET
H3

200

sync
odr.mookie1.com/t/v2/ Frame 3138
Redirect Chain

https://x.bidswitch.net/sync?ssp=fluct
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=

43 B
64 B

46ms
42ms

Image
image/gif

35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H3
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=
Date: Fri, 20 May 2022 19:43:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 fltids
aud.adjust-net.jp/adfrontserver/ Frame 3138 0
49 B 6ms
5ms Image
text/plain 3.114.252.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.adjust-net.jp/adfrontserver/fltids?val=bd2e0bf6b71542fb614b58113e81df78
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.252.10 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-252-10.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
content-length: 0
server: nginx

GET
H/1.1 200
OK compass.js Show response
j.microad.net/js/ Frame A959 109 KB
25 KB 3ms
3ms Script
application/javascript 104.71.157.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://j.microad.net/js/compass.js
Requested by: Host: sh.adingo.jp
URL: https://sh.adingo.jp/?G=1000104663&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=97862609374354&guid=ON
Protocol: HTTP/1.1
Server: 104.71.157.62 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-71-157-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc39e377fbff0ed82d8889ef8174b724ae80eab5c738d59b3712b10a03c2e0b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 11:47:47 GMT
Server: Apache
ETag: "1b5aa-gzip"
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: public, max-age=539703
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 25317
Expires: Fri, 27 May 2022 01:38:40 GMT

GET
H2 200 /
i.adingo.jp/ Frame 3138 43 B
408 B 4ms
3ms Image
image/gif 54.92.2.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.adingo.jp/?p=8K8UPfUk6Sk8dL3Cw86fdNb7_FCDKi437FEBHD_II9R9PrUUqfgLY-1Hk9Ohojgl_L_ityYu4o_eyfrmvPxhhtIuHECB878QhcqtoN0H6t2oLsMVfGxUmgqnEqJr23BvtwKIQna8Zltp7dv783TfIR0UKHz-BeIojjvZz52Dik83zF-qjTkfc_t5ErR3hMyD9KkFnyP995RGW3qVsItywXc6NnFCdUEHT4glV5E8QuRsKhpPdYNBZgkJxTSIJpmRLSzA_DIXfomVsbJl_g0Dz9PoHyy-3-Nw3EDwdO5oS80U7ZLCswotnY2_UHYwUxr5tP8pgAGEcVYpcYfGytg0EZAo&v=wvPP1sZdBpRwJK-I&k=3&R=
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.2.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-92-2-218.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK compass.js Show response
j.microad.net/js/ Frame 4DF8 109 KB
25 KB 3ms
3ms Script
application/javascript 104.71.157.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://j.microad.net/js/compass.js
Requested by: Host: wtag.estlier.net
URL: http://wtag.estlier.net/tagapi1.0/13419/3a/20/
Protocol: HTTP/1.1
Server: 104.71.157.62 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-71-157-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc39e377fbff0ed82d8889ef8174b724ae80eab5c738d59b3712b10a03c2e0b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 11:47:47 GMT
Server: Apache
ETag: "1b5aa-gzip"
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: public, max-age=539703
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 25317
Expires: Fri, 27 May 2022 01:38:40 GMT

GET
H2 200 / Show response
sh.adingo.jp/ Frame C7C8 7 KB
4 KB 31ms
31ms Script
application/x-javascript 54.199.239.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/?G=1000104660&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=21156467368685&guid=ON

Requested by

Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000104660

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.199.239.233 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-199-239-233.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e99260fed4d99c6f0ab060fefa6047a352b5a4a2859e0ad29daeca5637a17ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 19:43:37 GMT
server: nginx
vary: Accept-Encoding
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
content-type: application/x-javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cookie_loader.html Show response
cache.send.microad.jp/js/ Frame 8E73 2 KB
2 KB 4ms
3ms Document
text/html 14.0.42.24
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microad.jp/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.42.24 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 1909
Content-Type: text/html
Date: Fri, 20 May 2022 19:43:37 GMT
ETag: "10cf9c751f3fdad8c8784c6bf8cee57a"
Last-Modified: Thu, 28 Oct 2021 12:57:38 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PSrbJP1tu67:9 (W), 1.1 PSrbdjTYO3fx116:6 (W)
X-Px: ht PSrbdjTYO3fx116HND
X-Ws-Request-Id: 6287ef69_PSrbdjTYO3hy174_25046-63277
x-amz-id-2: 39syy1FzfVdhuE5XIArdiN0q/0HrDX1FtRGqkU4DS66sTswd3J0MaFsDYYRGZimU/3/2pJaptoQ=
x-amz-request-id: PCSZ1R902WJT8HE5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7

GET
H/1.1 200
200 ad Show response
s-rtb.send.microad.jp/ Frame A959 2 KB
2 KB 344ms
116ms Script
text/javascript 202.233.84.3
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microad.jp/ad?spot=39fb7027e8d256ca7fe5bd2478d70aa4&cb=microadCompass.AdRequestor.callback&url=http%3A%2F%2Fmix.pendrawing.work%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=66e6cb77b7bf8c0180e2ff327e

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.3 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

39f2275846d996631d61c6e08dba5b20ba5affb268183ea36dc9e7d546d17b20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1714
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cookie_loader.html Show response
cache.send.microad.jp/js/ Frame 5306 2 KB
2 KB 4ms
4ms Document
text/html 14.0.42.24
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microad.jp/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.42.24 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 1909
Content-Type: text/html
Date: Fri, 20 May 2022 19:43:37 GMT
ETag: "10cf9c751f3fdad8c8784c6bf8cee57a"
Last-Modified: Thu, 28 Oct 2021 12:57:38 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PSrbJP1tu67:9 (W), 1.1 PSrbdjTYO3fx116:6 (W)
X-Px: ht PSrbdjTYO3fx116HND
X-Ws-Request-Id: 6287ef69_PSrbdjTYO3hy174_25046-63278
x-amz-id-2: 39syy1FzfVdhuE5XIArdiN0q/0HrDX1FtRGqkU4DS66sTswd3J0MaFsDYYRGZimU/3/2pJaptoQ=
x-amz-request-id: PCSZ1R902WJT8HE5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7

GET
H/1.1 200
200 ad Show response
s-rtb.send.microad.jp/ Frame 4DF8 1 KB
2 KB 358ms
130ms Script
text/javascript 202.233.84.3
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microad.jp/ad?spot=725c392c589a4d0b56760e19d64740f6&cb=microadCompass.AdRequestor.callback&url=http%3A%2F%2Fmix.pendrawing.work%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=28623805c54d4e180e2ff3287

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.3 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

216df0e62f1e5923429bb55437382cc6a85f3f4d28ba67d752c3c83944dc5992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1403
X-XSS-Protection: 1; mode=block

GET
H2 200 adstir.js Show response
js.ad-stir.com/js/ Frame 2003 62 KB
17 KB 2ms
2ms Script
text/javascript 13.33.174.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-stir.com/js/adstir.js
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.174.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-174-20.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5b251926f2de2a103761d5e5233d01f07a32c00545bffc4379ee1bc918a116b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:32:29 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 02:52:51 GMT
server: AmazonS3
age: 669
etag: W/"7b46a56c4cdf94d98ef34c2fdc9fea0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: NRT57-C2
x-amz-cf-id: amPeMf-R8EGeFtRpxjBVaQkV7zNlSg4dk7vWnkTssyL3nkebN9MaIw==

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 036F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=microad&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac

281 B
554 B

13ms
3ms

Document
text/html

23.10.15.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-10-15-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 May 2022 19:43:37 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 20 May 2022 19:43:37 GMT
location: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac
server: AkamaiGHost

GET
H/1.1 200
200 ic
ssp.send.microad.jp/ Frame 497D 43 B
500 B 241ms
116ms Image
image/gif 202.233.84.16
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microad.jp/ic?ep=5YofvaQZv8wCtsJyKpsqDTeP4R2iIxNn69Pp1KBtbTw3HD9tzHk7NAsrP9fAxmVkAaaUmZujFCIsrLf1ExsCipmHNCVE5-yFkivE8vB9K_BXEzKDCA1-GMF_xLGS7xwuHH0vNI_LyoOw2nwwFbPYgY4r4DJAufvkXxs2k9weuODExEIHYeB8-R5PTOjE
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.16 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: image/gif
Content-Length: 57

GET
H2

200

cksync.php
hbx.media.net/ Frame 497D
Redirect Chain

https://aid.send.microad.jp/asr?v=1&code=jG40gaTLVE0&format=pixel
https://hbx.media.net/cksync.php?cs=3&type=mic&ovsid=zYyeXTIU9f6t23lepCbHbuudXj1Vs0RWxnfjShIoViFbu_dFsT-HEA

45 B
645 B

171ms
12ms

Image
image/gif

23.40.192.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hbx.media.net/cksync.php?cs=3&type=mic&ovsid=zYyeXTIU9f6t23lepCbHbuudXj1Vs0RWxnfjShIoViFbu_dFsT-HEA

Requested by

Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/

Protocol

Server

23.40.192.26 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-40-192-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 20 May 2022 19:43:37 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Fri, 20 May 2022 19:43:37 GMT

Redirect headers

Date: Fri, 20 May 2022 19:43:37 GMT
Server: Apache
Location: https://hbx.media.net/cksync.php?cs=3&type=mic&ovsid=zYyeXTIU9f6t23lepCbHbuudXj1Vs0RWxnfjShIoViFbu_dFsT-HEA
Strict-Transport-Security: max-age=3600
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
cache-control: no-cache
Connection: close
Content-Type
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 0

GET
H/1.1 200
OK sync
sync.fout.jp/ Frame C7C8 43 B
395 B 333ms
142ms Image
image/gif 202.232.238.37
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.fout.jp/sync?xid=fluct

Requested by

Host: sh.adingo.jp
URL: https://sh.adingo.jp/?G=1000104660&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=21156467368685&guid=ON

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

202.232.238.37 Minato-ku, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=15768000
P3P: CP="ADM NOI OUR"
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/gif

GET
H3

200

sync
odr.mookie1.com/t/v2/ Frame C7C8
Redirect Chain

https://x.bidswitch.net/sync?ssp=fluct
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=

43 B
64 B

112ms
112ms

Image
image/gif

35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H3
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=
Date: Fri, 20 May 2022 19:43:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 fltids
aud.adjust-net.jp/adfrontserver/ Frame C7C8 0
49 B 5ms
3ms Image
text/plain 3.114.252.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.adjust-net.jp/adfrontserver/fltids?val=bd2e0bf6b71542fb614b58113e81df78
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.252.10 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-252-10.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
content-length: 0
server: nginx

GET
H/1.1 200
OK compass.js Show response
j.microad.net/js/ Frame 89D2 109 KB
25 KB 4ms
3ms Script
application/javascript 104.71.157.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://j.microad.net/js/compass.js
Requested by: Host: sh.adingo.jp
URL: https://sh.adingo.jp/?G=1000104660&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=21156467368685&guid=ON
Protocol: HTTP/1.1
Server: 104.71.157.62 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-71-157-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc39e377fbff0ed82d8889ef8174b724ae80eab5c738d59b3712b10a03c2e0b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 11:47:47 GMT
Server: Apache
ETag: "1b5aa-gzip"
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: public, max-age=539703
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 25317
Expires: Fri, 27 May 2022 01:38:40 GMT

GET
H2 200 /
i.adingo.jp/ Frame C7C8 43 B
408 B 4ms
4ms Image
image/gif 54.92.2.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.adingo.jp/?p=uLl-pbAaMesKxy9toGgmM5YHtkxNPnO3XTdr6NRc7WjLDjmvAS_Vhh2N_4QZmkgwSTxMGELYx5zFFCHoD_qqw5mULhFbfWYDdFxNtTi9W2ONB_GjwqPCiZAeWMht1DbvwQgTkOLHIu-q3ZOocykhDFd84D4CkIZY3y-UlVE-axZP41cUYAEKqRVYrVlJc1O_0WlVlt316H1-ofbopDs_EH10iooVKShqu26q9OtnaRCsBzz_4dHjDBUeMYFGGMoNhYlPd0ddaRMgXoupYO76zIpp3DV5yDPvxV38ro8f-JOsjXy_fmgipEa-aBC9TsoOwfFUbmwn8TfvZUBc6tKP9q8A&v=8JiPCfK67_Wogasj&k=3&R=
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.2.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-92-2-218.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 404 ad
ad.ad-stir.com/ Frame 2003 0
0 12ms
12ms Script
text/html 54.64.59.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-stir.com/ad?app_id=MEDIA-f9d91b43&ad_spot_no=3&locale=en&ut=1653075817180&topframe=0&origin=http%3A%2F%2Fmix.pendrawing.work%2F&sw=1600&sh=1200&dpr=1&novideo=0&topurl=1&adstir_media_uid=228e5881-d8d6-42c7-95ff-62e8e90a5a52&adstir_optout=0&callback=AdstirCB8314563585A9262455229
Requested by: Host: js.ad-stir.com
URL: https://js.ad-stir.com/js/adstir.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.59.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-59-131.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 4DF8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4452ba12fe11a0afa4ff55f886b012b909cadc0ab99fb7b31adc11d420e97785

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 load_adstir_optout.html Show response
js.ad-stir.com/js/ Frame 686D 546 B
893 B 2ms
2ms Document
text/html 13.33.174.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-stir.com/js/load_adstir_optout.html?url=http://mix.pendrawing.work/
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.174.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-174-20.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afb4895708b7ace5b1431f025508b030af5b4b23a133058744a94de67eeb7c70

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 669
cache-control: max-age=3600
content-length: 546
content-type: text/html; charset=utf-8
date: Fri, 20 May 2022 19:32:29 GMT
etag: "9b806bc4689e00e6824dc1594225523a"
last-modified: Mon, 16 May 2022 02:52:51 GMT
server: AmazonS3
via: 1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
x-amz-cf-id: 2AhRBLD_ggbd4JmRjsG7JpkhsMMQgvf6yx8Vo_f5dpNFgazGqGYJtA==
x-amz-cf-pop: NRT57-C2
x-cache: Hit from cloudfront

GET
H/1.1 200
OK cookie_loader.html Show response
cache.send.microad.jp/js/ Frame 2FC1 2 KB
2 KB 4ms
4ms Document
text/html 14.0.42.24
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microad.jp/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.42.24 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 1909
Content-Type: text/html
Date: Fri, 20 May 2022 19:43:37 GMT
ETag: "10cf9c751f3fdad8c8784c6bf8cee57a"
Last-Modified: Thu, 28 Oct 2021 12:57:38 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PSrbJP1tu67:9 (W), 1.1 PSrbdjTYO3fx116:6 (W)
X-Px: ht PSrbdjTYO3fx116HND
X-Ws-Request-Id: 6287ef69_PSrbdjTYO3hy174_25046-63281
x-amz-id-2: 39syy1FzfVdhuE5XIArdiN0q/0HrDX1FtRGqkU4DS66sTswd3J0MaFsDYYRGZimU/3/2pJaptoQ=
x-amz-request-id: PCSZ1R902WJT8HE5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7

GET
H/1.1 200
200 ad Show response
s-rtb.send.microad.jp/ Frame 89D2 1 KB
2 KB 343ms
115ms Script
text/javascript 202.233.84.3
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microad.jp/ad?spot=363f9bc7b5d8e8ca3996ac3a83b56df8&cb=microadCompass.AdRequestor.callback&url=http%3A%2F%2Fmix.pendrawing.work%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=a08e077befa1c00180e2ff32bc

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.3 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

938e136d8d97403153c834ef944084b0c229935d148ef28704c5d713750f22e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1437
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 036F 31 KB
10 KB 3ms
3ms Script
text/html 23.10.15.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-10-15-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 13ef096aae58660e365533a6490cbe9d73ae660188895dca8740d8efbdecbff7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 17:10:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=36311
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9445
Expires: Sat, 21 May 2022 05:48:48 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 036F 284 B
934 B 433ms
107ms Image
image/jpg 8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/jpg

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 72DF 0
0 44ms
43ms Fetch
image/gif 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHTPcQebTE0q5wunXIooAxkNIY9ldC5wLepnUt61eVH7CvWgjg3QJ_m-azDK9KzGPPvxxkK5hXo6K7Vu_2tkYEHlpzZ0WnYsgTXtoqYIsG1kNwyyPxHp__ZEskPXbgRtkY4okCAti5d-lNlUvf8fXDnGW2wtbU_sXYnwB-1hBr9-G-_JZIQTtU4JSoApX-cOZfZ_hHAStRTA5YZ2g4e1j3kx7unxEVgxE_IAms0BMXvaycF0HqelFLUn4sSvW5EMdSo3i66fYoFs6dnNaBGPJtSUPjP9q-Hn7S1UsCP5PZqo-80hKieGlY&sai=AMfl-YSNXSIIAbsdGgd7Y2aZfV2_j3ir9x24lbDkKxPyF3qbvmQgHPNjO2cf4SFQFuxbJl2Y7r7zZ0joftuY-vwQ63PSwdiIu44oexCZ9rbzCloRSSkG5n-GOKHwMcD8tyx7&sig=Cg0ArKJSzKkqlzdzM2EFEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 19:43:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13414/34/20/ Frame 72DF 819 B
857 B 10ms
9ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13414/34/20/
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: d0c12ad9e6d719365d4f311fb5a4a0dc25d5d6a201fda30cf963dd64ebce1d0b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: nginx
Age: 43
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv01-osk01-jp (ApacheTrafficServer-second [uScRs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScSsSfUpSeN:t cCSpSs ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 377

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 72DF 135 KB
41 KB 116ms
116ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 May 2022 19:43:37 GMT

GET
H/1.1 200
OK compass.js Show response
j.microad.net/js/ Frame 72DF 109 KB
25 KB 3ms
3ms Script
application/javascript 104.71.157.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://j.microad.net/js/compass.js
Requested by: Host: wtag.estlier.net
URL: http://wtag.estlier.net/tagapi1.0/13414/34/20/
Protocol: HTTP/1.1
Server: 104.71.157.62 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-71-157-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc39e377fbff0ed82d8889ef8174b724ae80eab5c738d59b3712b10a03c2e0b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 11:47:47 GMT
Server: Apache
ETag: "1b5aa-gzip"
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: public, max-age=539703
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 25317
Expires: Fri, 27 May 2022 01:38:40 GMT

GET
H/1.1 200
OK cookie_loader.html Show response
cache.send.microad.jp/js/ Frame C7D5 2 KB
2 KB 5ms
5ms Document
text/html 14.0.42.24
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microad.jp/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.42.24 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 1909
Content-Type: text/html
Date: Fri, 20 May 2022 19:43:37 GMT
ETag: "10cf9c751f3fdad8c8784c6bf8cee57a"
Last-Modified: Thu, 28 Oct 2021 12:57:38 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PSrbJP1tu67:9 (W), 1.1 PSrbdjTYO3fx116:6 (W)
X-Px: ht PSrbdjTYO3fx116HND
X-Ws-Request-Id: 6287ef69_PSrbdjTYO3hy174_25046-63291
x-amz-id-2: 39syy1FzfVdhuE5XIArdiN0q/0HrDX1FtRGqkU4DS66sTswd3J0MaFsDYYRGZimU/3/2pJaptoQ=
x-amz-request-id: PCSZ1R902WJT8HE5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7

GET
H/1.1 200
200 ad Show response
s-rtb.send.microad.jp/ Frame 72DF 1 KB
2 KB 351ms
124ms Script
text/javascript 202.233.84.3
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microad.jp/ad?spot=8bea578bce8c461c0ff6823723f1a4ce&cb=microadCompass.AdRequestor.callback&url=http%3A%2F%2Fmix.pendrawing.work%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=65ca87b8258db00180e2ff3339

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.3 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

5ab9c2d4cc8f1444ee40054cd67357983e1c28bd0a22cc8042d1b9b79d90edf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1402
X-XSS-Protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 72DF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f9092ce03100cb71e0db05384f2f673c9c074b62265b59de3306c0ae7235835

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13420/61/2/ Frame B069 388 B
729 B 9ms
9ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13420/61/2/
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: 262bd4573bb79ab0216a3b5c53a4a0d079ff4678a2630db7587dbf5c2d7cd9a1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: nginx
Age: 137
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv03-osk01-jp (ApacheTrafficServer-second [uScHs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScSsSfUpSeN:t cCSpSs ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 248

GET
H/1.1

200
OK

microad2big.png
bigmining.com/pixel/ Frame EB38
Redirect Chain

https://aid.send.microad.jp/asr?v=1&code=XtrNLKLWme8&format=pixel
https://bigmining.com/pixel/microad2big.png?id=1_QWUOwaRK8kK3C7ga3ur6_NW08UTVWYioS5boaPEKghQsNkBUAQBw

95 B
327 B

5ms
5ms

Image
image/png

18.180.182.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bigmining.com/pixel/microad2big.png?id=1_QWUOwaRK8kK3C7ga3ur6_NW08UTVWYioS5boaPEKghQsNkBUAQBw
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Server: 18.180.182.210 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-180-182-210.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Last-Modified: Mon, 10 Feb 2020 13:46:28 GMT
ETag: "5e415eb4-5f"
P3P: CP="UNI CUR OUR"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 95

Redirect headers

Date: Fri, 20 May 2022 19:43:37 GMT
Server: Apache
Location: https://bigmining.com/pixel/microad2big.png?id=1_QWUOwaRK8kK3C7ga3ur6_NW08UTVWYioS5boaPEKghQsNkBUAQBw
Strict-Transport-Security: max-age=3600
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
cache-control: no-cache
Connection: close
Content-Type
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 0

GET
H/1.1 200
200 ic
ssp.send.microad.jp/ Frame EB38 43 B
500 B 115ms
115ms Image
image/gif 202.233.84.16
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microad.jp/ic?ep=5YofvaRfmxkC_-3bEySTIBnPEe7NxgAgLjafSo__tnyt2Ypr-ME7W-fsduiBhPabD8mHDSJUzmmQFLea_9xLtdjFp9pKiP8RK9weuUzFK5-_yGu4SU0nv88Q1x0vEPZljMU7W2MMg7zxmMvbL8j_AQPcOnn8Ad-fh8hLuKlcKx_LsxPcqU73SqOWESUI
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.16 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: image/gif
Content-Length: 57

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EB38
Redirect Chain

http://aid.send.microad.jp/g/pc/asr
https://aid.send.microad.jp/g/pc/asr
https://cm.g.doubleclick.net/pixel?google_nid=MiAd&google_hm=2eN4N25cYUtrSkymtJK8pw==

170 B
188 B

43ms
42ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=MiAd&google_hm=2eN4N25cYUtrSkymtJK8pw==

Requested by

Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 20 May 2022 19:43:37 GMT
Server: Apache
Location: //cm.g.doubleclick.net/pixel?google_nid=MiAd&google_hm=2eN4N25cYUtrSkymtJK8pw==
Strict-Transport-Security: max-age=3600
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
cache-control: no-cache
Connection: close
Content-Type
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 0

GET
H3 200 f.js Show response
cdn-fluct.sh.adingo.jp/ Frame B069 3 KB
3 KB 58ms
58ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000104667
Requested by: Host: wtag.estlier.net
URL: http://wtag.estlier.net/tagapi1.0/13420/61/2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
via: 1.1 google
last-modified: Mon, 12 Apr 2021 01:23:17 GMT
server: nginx
etag: "cf5ec206a0bc2705586f1c0fb0bd458b"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2747
expires: Fri, 20 May 2022 20:43:37 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 030C 0
0 40ms
39ms Fetch
image/gif 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstd8mG8YPEUCRhCfUwhGJKw5NaiCv7jbEkiNyJKwMXkiKW2uqJQbjMH2umcrmzX4QuQaMzNTiIPYyjFFlDlI6RId_KT_a9LWILUrGBhi393OVh3sqHHEWaTRtxCJ0rUpUBlSJuaHgj3ogWharruqX4y2OCbcpUxtsL3wUOHj0U8EpWQq8dZ0Ie6-pviYwxxzhDfYQBDboA4-G8aO2wHviCtmlKp6ibepY7J6S-yiVPAObMszEfyrXPm1wrlz0nXIOpkKg86PIFHSLbcKImD9fFeGEiWf2Ja-HIOIhMH7V3QwwiWkBFF6i9F&sai=AMfl-YQak1K9ykoSnY6hhAlcYRp7gaaTHlmDcpg9VcBhr3Ti26OrNuBntFS_IqMfwQWm6pGst82H859I2sg-yvUO6oap4foK8u1OarghhlcJEqZfemOxSkDib6VbrRFu3r0s&sig=Cg0ArKJSzF7aWPnlDpwFEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 19:43:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13418/21/20/ Frame 030C 819 B
859 B 9ms
9ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13418/21/20/
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: 60c2d98b70bf6e1f56248183287752cc2ba28808f4fc0b45d81d7f01ce39df9d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: nginx
Age: 190
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv06-osk01-jp (ApacheTrafficServer-second [uScHs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScHs f p eN:t cCHp s ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 378

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 030C 135 KB
41 KB 49ms
49ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 May 2022 19:43:37 GMT

GET
H2 200 adstir.js Show response
js.ad-stir.com/js/ Frame EFB1 62 KB
17 KB 2ms
2ms Script
text/javascript 13.33.174.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-stir.com/js/adstir.js
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.174.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-174-20.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5b251926f2de2a103761d5e5233d01f07a32c00545bffc4379ee1bc918a116b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:32:29 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 02:52:51 GMT
server: AmazonS3
age: 669
etag: W/"7b46a56c4cdf94d98ef34c2fdc9fea0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: NRT57-C2
x-amz-cf-id: mLSuzxSvCcEcasKtWr1XK1Pmck5Q0JpSkDgdSpGC-dl-XiH6wb62lw==

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame E6B1
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=microad&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac

281 B
554 B

3ms
2ms

Document
text/html

23.10.15.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-10-15-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 May 2022 19:43:37 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 20 May 2022 19:43:37 GMT
location: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac
server: AkamaiGHost

GET
H/1.1 200
200 ic
ssp.send.microad.jp/ Frame A959 43 B
500 B 341ms
114ms Image
image/gif 202.233.84.16
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microad.jp/ic?ep=5YofvaRmCwwAedgpRNIi2z7TAFE1ddfMfIS8FQ_TQbXKM6KYk5odT-fqgiMQfe4bz_Ic-pg5vlQvT5GO_9q_fkk8v1qKs2TmkbFuhPOeDYu70o932Lb0nw8rTNKRdbZkO54JT2MKd3dgYfdP2-dQ4o2xSkRDWt2fs9qLZwylM58KqzaW3Kj2Hx4SV6ic
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.16 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: image/gif
Content-Length: 57

GET
H/1.1 200
OK compass.js Show response
j.microad.net/js/ Frame 030C 109 KB
25 KB 3ms
2ms Script
application/javascript 104.71.157.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://j.microad.net/js/compass.js
Requested by: Host: wtag.estlier.net
URL: http://wtag.estlier.net/tagapi1.0/13418/21/20/
Protocol: HTTP/1.1
Server: 104.71.157.62 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-71-157-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc39e377fbff0ed82d8889ef8174b724ae80eab5c738d59b3712b10a03c2e0b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 11:47:47 GMT
Server: Apache
ETag: "1b5aa-gzip"
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: public, max-age=539703
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 25317
Expires: Fri, 27 May 2022 01:38:40 GMT

GET
H2 404 ad
ad.ad-stir.com/ Frame EFB1 0
0 3ms
3ms Script
text/html 54.64.59.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-stir.com/ad?app_id=MEDIA-f9d91b43&ad_spot_no=4&locale=en&ut=1653075817531&topframe=0&origin=http%3A%2F%2Fmix.pendrawing.work%2F&sw=1600&sh=1200&dpr=1&novideo=0&topurl=1&adstir_media_uid=228e5881-d8d6-42c7-95ff-62e8e90a5a52&adstir_optout=0&callback=AdstirCB1469320314A313637569
Requested by: Host: js.ad-stir.com
URL: https://js.ad-stir.com/js/adstir.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.59.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-59-131.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13419/3a/2/ Frame 6CD0 388 B
729 B 9ms
8ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13419/3a/2/
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: 706f546745b40e0b4186ebaf64d01c353d54a6305f669445ebb81e36dea94f55

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: nginx
Age: 227
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv16-osk01-jp (ApacheTrafficServer-second [uScHs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScHs f p eN:t cCHp s ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 248

GET
H/1.1 200
200 asr
aid.send.microad.jp/ Frame 4DF8 43 B
625 B 342ms
114ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/asr?v=1&code=Utqpjbqy87I&format=pixel

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Server: Apache
Strict-Transport-Security: max-age=3600
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/gif
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H/1.1 200
200 ic
ssp.send.microad.jp/ Frame 4DF8 43 B
500 B 341ms
114ms Image
image/gif 202.233.84.16
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microad.jp/ic?ep=5YofvaRrw-QCf20LQNpf1thGCI5_Ok8Wx2ZwUqblOBdLfbpHnhlAfhwm3uU4-JZ-EgKI6WCiL6n-zMy_BBbjuGG5xz9XQ_D1aSr_eSIdULpEAsO18DFHZtLb2Pltyje56h1UfpjGK7FI5Ks-MgPw5UEq27mS2aS6fALjtRAgS_rX0-vQTfvNMsxGcJzM
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.16 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: image/gif
Content-Length: 57

GET
H2 200 load_adstir_optout.html Show response
js.ad-stir.com/js/ Frame 2230 546 B
892 B 2ms
2ms Document
text/html 13.33.174.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-stir.com/js/load_adstir_optout.html?url=http://mix.pendrawing.work/
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.174.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-174-20.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afb4895708b7ace5b1431f025508b030af5b4b23a133058744a94de67eeb7c70

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 669
cache-control: max-age=3600
content-length: 546
content-type: text/html; charset=utf-8
date: Fri, 20 May 2022 19:32:29 GMT
etag: "9b806bc4689e00e6824dc1594225523a"
last-modified: Mon, 16 May 2022 02:52:51 GMT
server: AmazonS3
via: 1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
x-amz-cf-id: 9ABoeou5H-o_vbzx-tnTsUsMrPvcIDHBFEPIEyYse3tYHeD86Mx6Sw==
x-amz-cf-pop: NRT57-C2
x-cache: Hit from cloudfront

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E6B1 31 KB
10 KB 4ms
3ms Script
text/html 23.10.15.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-10-15-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 13ef096aae58660e365533a6490cbe9d73ae660188895dca8740d8efbdecbff7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 17:10:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=36311
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9445
Expires: Sat, 21 May 2022 05:48:48 GMT

GET
H/1.1 200
OK cookie_loader.html Show response
cache.send.microad.jp/js/ Frame D8FF 2 KB
2 KB 6ms
6ms Document
text/html 14.0.42.24
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microad.jp/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.42.24 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 1909
Content-Type: text/html
Date: Fri, 20 May 2022 19:43:37 GMT
ETag: "10cf9c751f3fdad8c8784c6bf8cee57a"
Last-Modified: Thu, 28 Oct 2021 12:57:38 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PSrbJP1tu67:9 (W), 1.1 PSrbdjTYO3fx116:6 (W)
X-Px: ht PSrbdjTYO3fx116HND
X-Ws-Request-Id: 6287ef69_PSrbdjTYO3hy174_25046-63300
x-amz-id-2: 39syy1FzfVdhuE5XIArdiN0q/0HrDX1FtRGqkU4DS66sTswd3J0MaFsDYYRGZimU/3/2pJaptoQ=
x-amz-request-id: PCSZ1R902WJT8HE5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7

GET
H/1.1 200
200 ad Show response
s-rtb.send.microad.jp/ Frame 030C 2 KB
2 KB 358ms
128ms Script
text/javascript 202.233.84.3
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microad.jp/ad?spot=db62bc10882139dae10b390200a8c12c&cb=microadCompass.AdRequestor.callback&url=http%3A%2F%2Fmix.pendrawing.work%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=7eaf5177bfa8a80180e2ff3406

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.3 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

5dec906462b7b8ad08ad6493e29f42edb89f9128793434181f0b6b8a53383a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1766
X-XSS-Protection: 1; mode=block

GET
H3 200 f.js Show response
cdn-fluct.sh.adingo.jp/ Frame 6CD0 3 KB
3 KB 39ms
39ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000104666
Requested by: Host: wtag.estlier.net
URL: http://wtag.estlier.net/tagapi1.0/13419/3a/2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
via: 1.1 google
last-modified: Mon, 12 Apr 2021 01:23:17 GMT
server: nginx
etag: "cf5ec206a0bc2705586f1c0fb0bd458b"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2747
expires: Fri, 20 May 2022 20:43:37 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame E6B1 284 B
934 B 224ms
108ms Image
image/jpg 8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/jpg

GET
H2 200 / Show response
sh.adingo.jp/ Frame B069 7 KB
4 KB 30ms
30ms Script
application/x-javascript 54.199.239.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/?G=1000104667&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=83142400096165&guid=ON

Requested by

Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000104667

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.199.239.233 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-199-239-233.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

79e7de4fde92aa24edd615629d131e301c408e5ddd780cab378b2beb44e0f420

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 19:43:37 GMT
server: nginx
vary: Accept-Encoding
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
content-type: application/x-javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 adstir.js Show response
js.ad-stir.com/js/ Frame 3554 62 KB
17 KB 2ms
2ms Script
text/javascript 13.33.174.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-stir.com/js/adstir.js
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.174.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-174-20.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5b251926f2de2a103761d5e5233d01f07a32c00545bffc4379ee1bc918a116b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:32:29 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 02:52:51 GMT
server: AmazonS3
age: 669
etag: W/"7b46a56c4cdf94d98ef34c2fdc9fea0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: NRT57-C2
x-amz-cf-id: dBRHuuxxan5r3CxCGNQKwUn-oAZoHVmRN-dzKhQ_9wjLoPC0jFz04Q==

GET
H/1.1 200
200 ic
ssp.send.microad.jp/ Frame 89D2 43 B
500 B 342ms
115ms Image
image/gif 202.233.84.16
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microad.jp/ic?ep=5YofvaR00zoDReMHTUgw6mqUzOxjgnq-gLGw3MSn7HRJfHXAYQyRg6v3M0rGLAd_vdIxzqouHXP92R1Cs8cOF59tVj74k0nSo6bNoyEIgUf3zz4eDuccQ30LYeajYhV_9Qidgy8Xxh62MB4rqcd91r-m6WORzFFT_8c6Dtr02vt4sN6KNOXYqM4xN2bk
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.16 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: image/gif
Content-Length: 57

GET
DATA 200
OK truncated
/ Frame 030C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2d46dd0cef295be11326c8c53893eb11202adde943a6ed2868f9be9a5f32046

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 404 ad
ad.ad-stir.com/ Frame 3554 0
0 3ms
3ms Script
text/html 54.64.59.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-stir.com/ad?app_id=MEDIA-f9d91b43&ad_spot_no=1&locale=en&ut=1653075817553&topframe=0&origin=http%3A%2F%2Fmix.pendrawing.work%2F&sw=1600&sh=1200&dpr=1&novideo=0&topurl=1&adstir_media_uid=228e5881-d8d6-42c7-95ff-62e8e90a5a52&adstir_optout=0&callback=AdstirCB5964727848A5411709800
Requested by: Host: js.ad-stir.com
URL: https://js.ad-stir.com/js/adstir.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.59.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-59-131.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 load_adstir_optout.html Show response
js.ad-stir.com/js/ Frame 37EF 546 B
894 B 2ms
2ms Document
text/html 13.33.174.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-stir.com/js/load_adstir_optout.html?url=http://mix.pendrawing.work/
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.174.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-174-20.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afb4895708b7ace5b1431f025508b030af5b4b23a133058744a94de67eeb7c70

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 669
cache-control: max-age=3600
content-length: 546
content-type: text/html; charset=utf-8
date: Fri, 20 May 2022 19:32:29 GMT
etag: "9b806bc4689e00e6824dc1594225523a"
last-modified: Mon, 16 May 2022 02:52:51 GMT
server: AmazonS3
via: 1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
x-amz-cf-id: EVrPhEvEFzcIMHDPmTRecUoOygQ5Mvb59HRl_zM63rbBVZ2uGmHh_A==
x-amz-cf-pop: NRT57-C2
x-cache: Hit from cloudfront

GET
H2 200 / Show response
sh.adingo.jp/ Frame 6CD0 7 KB
4 KB 34ms
34ms Script
application/x-javascript 54.199.239.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/?G=1000104666&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=90432880367798&guid=ON

Requested by

Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000104666

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.199.239.233 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-199-239-233.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b0b240f0b594f26afc14c273442a73b8b05473b3e03c5194b1494804a24fed45

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 19:43:37 GMT
server: nginx
vary: Accept-Encoding
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
content-type: application/x-javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

/
cs.adingo.jp/sync/ Frame B069
Redirect Chain

https://sync.fout.jp/sync?xid=fluct
https://cs.adingo.jp/sync/?from=fout&id=yCiSxAyyvKo8cGRv0Xb_7VRwjhU

43 B
398 B

3ms
3ms

Image
image/gif

13.113.134.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=fout&id=yCiSxAyyvKo8cGRv0Xb_7VRwjhU
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Server: 13.113.134.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-134-169.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
expires: Wed, 17 Sep 1975 21:32:10 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 May 2022 19:43:37 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
P3P: CP="ADM NOI OUR"
Location: https://cs.adingo.jp/sync/?from=fout&id=yCiSxAyyvKo8cGRv0Xb_7VRwjhU
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/gif

GET
H3

200

sync
odr.mookie1.com/t/v2/ Frame B069
Redirect Chain

https://x.bidswitch.net/sync?ssp=fluct
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=

43 B
64 B

43ms
43ms

Image
image/gif

35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H3
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=
Date: Fri, 20 May 2022 19:43:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 fltids
aud.adjust-net.jp/adfrontserver/ Frame B069 0
49 B 4ms
4ms Image
text/plain 3.114.252.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.adjust-net.jp/adfrontserver/fltids?val=bd2e0bf6b71542fb614b58113e81df78
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.252.10 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-252-10.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
content-length: 0
server: nginx

GET
H/1.1 200
OK compass.js Show response
j.microad.net/js/ Frame BB01 109 KB
25 KB 5ms
5ms Script
application/javascript 104.71.157.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://j.microad.net/js/compass.js
Requested by: Host: sh.adingo.jp
URL: https://sh.adingo.jp/?G=1000104667&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=83142400096165&guid=ON
Protocol: HTTP/1.1
Server: 104.71.157.62 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-71-157-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc39e377fbff0ed82d8889ef8174b724ae80eab5c738d59b3712b10a03c2e0b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 11:47:47 GMT
Server: Apache
ETag: "1b5aa-gzip"
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: public, max-age=539703
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 25317
Expires: Fri, 27 May 2022 01:38:40 GMT

GET
H2 200 /
i.adingo.jp/ Frame B069 43 B
408 B 4ms
4ms Image
image/gif 54.92.2.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.adingo.jp/?p=4_gjC06PRcwJuidQDRENEnk6UClbChZ-CiE8J2DkPqG9v4AKvKJoFDm7TmYlImWxG-v333cd8tI-hKWhojuU3Yo5BiZ2wRsExDlv_0K6p6Qp2E2xBQpX2GsMqwwQ_tQouVh9-RNpxWiuFGRmtr2Zqgdxg9Xudp6XPG2IMQlMsk7qI__kiCg2382PX6LSFB8AO22FsAsxzwHijQ19_kIFyX5WepjpWsn_Sl88TWYbI5tvsglPgUkO8DVSUX0PM4RXCznQVqVW9Z9MbAv2F3plF_xtvE5Bs_HS-zFfO9zlEDbsaKt2V4NX4BVJHo1I8WajdCJq8WH7X-uYSEsg8sg_hOY.&v=_BPNTH8GnAJSfiLc&k=3&R=
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.2.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-92-2-218.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK cookie_loader.html Show response
cache.send.microad.jp/js/ Frame 78E6 2 KB
2 KB 4ms
4ms Document
text/html 14.0.42.24
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microad.jp/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.42.24 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 1909
Content-Type: text/html
Date: Fri, 20 May 2022 19:43:37 GMT
ETag: "10cf9c751f3fdad8c8784c6bf8cee57a"
Last-Modified: Thu, 28 Oct 2021 12:57:38 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PSrbJP1tu67:9 (W), 1.1 PSrbdjTYO3fx116:6 (W)
X-Px: ht PSrbdjTYO3fx116HND
X-Ws-Request-Id: 6287ef69_PSrbdjTYO3hy174_25046-63302
x-amz-id-2: 39syy1FzfVdhuE5XIArdiN0q/0HrDX1FtRGqkU4DS66sTswd3J0MaFsDYYRGZimU/3/2pJaptoQ=
x-amz-request-id: PCSZ1R902WJT8HE5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7

GET
H/1.1 200
200 ad Show response
s-rtb.send.microad.jp/ Frame BB01 1 KB
2 KB 343ms
115ms Script
text/javascript 202.233.84.3
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microad.jp/ad?spot=516a52ca8e632cb04f2396d51a0e305a&cb=microadCompass.AdRequestor.callback&url=http%3A%2F%2Fmix.pendrawing.work%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=98d12a39b31a800180e2ff3450

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.3 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

c0b3e0e2c1a81724d168b96de09104ed41d12015941e3e5b414c24ebb30dbfe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1535
X-XSS-Protection: 1; mode=block

GET
H2

200

/
cs.adingo.jp/sync/ Frame 6CD0
Redirect Chain

https://sync.fout.jp/sync?xid=fluct
https://cs.adingo.jp/sync/?from=fout&id=yCiSxAyyvKo8cGRv0Xb_7VRwjhU

43 B
398 B

3ms
3ms

Image
image/gif

13.113.134.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=fout&id=yCiSxAyyvKo8cGRv0Xb_7VRwjhU
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Server: 13.113.134.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-134-169.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
expires: Wed, 17 Sep 1975 21:32:10 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 May 2022 19:43:37 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
P3P: CP="ADM NOI OUR"
Location: https://cs.adingo.jp/sync/?from=fout&id=yCiSxAyyvKo8cGRv0Xb_7VRwjhU
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/gif

GET
H3

200

sync
odr.mookie1.com/t/v2/ Frame 6CD0
Redirect Chain

https://x.bidswitch.net/sync?ssp=fluct
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=

43 B
64 B

40ms
40ms

Image
image/gif

35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H3
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=
Date: Fri, 20 May 2022 19:43:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 fltids
aud.adjust-net.jp/adfrontserver/ Frame 6CD0 0
49 B 5ms
5ms Image
text/plain 3.114.252.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.adjust-net.jp/adfrontserver/fltids?val=bd2e0bf6b71542fb614b58113e81df78
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.252.10 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-252-10.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
content-length: 0
server: nginx

GET
H/1.1 200
OK compass.js Show response
j.microad.net/js/ Frame 68B1 109 KB
25 KB 6ms
5ms Script
application/javascript 104.71.157.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://j.microad.net/js/compass.js
Requested by: Host: sh.adingo.jp
URL: https://sh.adingo.jp/?G=1000104666&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=90432880367798&guid=ON
Protocol: HTTP/1.1
Server: 104.71.157.62 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-71-157-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc39e377fbff0ed82d8889ef8174b724ae80eab5c738d59b3712b10a03c2e0b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 11:47:47 GMT
Server: Apache
ETag: "1b5aa-gzip"
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: public, max-age=539703
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 25317
Expires: Fri, 27 May 2022 01:38:40 GMT

GET
H2 200 /
i.adingo.jp/ Frame 6CD0 43 B
408 B 5ms
5ms Image
image/gif 54.92.2.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.adingo.jp/?p=k1vnIiwUfP3xV2ng_ET3wiL6lirz_eSvIrWytUQgyUvcDS2KNHTYxdb2onRh7HKNNjpRxyP_vOzwDKhgAjjAGVJAdRDm1Y-sjhuC5nmMPCtxQm4RD1-Zx705d6tlxkWoeYKn1_67APescuI6zWEe5fZAESbVT3zK4jw8LXwPY-a949kaVgYj9Id_FAIfSVOA4FNrRGrjcYEDgZi83o_oGTHa33pmzm8FYobvvXeSSAyXcvAxxCOBtrxYHEWTiHPlgfLZ63Gjvz1NQQ4O1wxj2VZ9rbRGtmVrFMTgzz1SggXgH9FjTmYTsgQVN-5W2czqBQdQ413JsWw9_oQ7-ScJnRws&v=HXQDvwLj38l-FjFs&k=3&R=
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.2.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-92-2-218.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2

200

hs
s-cs.send.microad.jp/ Frame 036F
Redirect Chain

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=microad&khaos=L3EUNS5Q-1B-65CN
https://s-cs.send.microad.jp/hs?k=magnite_1&id=L3EUNS5Q-1B-65CN

43 B
551 B

346ms
114ms

Image
image/gif

202.233.84.8
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-cs.send.microad.jp/hs?k=magnite_1&id=L3EUNS5Q-1B-65CN

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac

Protocol

Server

202.233.84.8 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
x-xss-protection: 1; mode=block

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://s-cs.send.microad.jp/hs?k=magnite_1&id=L3EUNS5Q-1B-65CN
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 030b4ddd4a4f3e9891a065664f20c4bb
Expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4220 0
0 45ms
45ms Fetch
image/gif 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuILl8FJGXqkKzRDLsVJQs7D7aLdAgeWUNR5WJnrr6OOE-crxUJM28um-HgZeHSuM9HagYMwfqDatUyHKqj7y9lUzgHOes1J7dhcNiusJlZrh59__8XEFNtmxDwCGXw34gB1vMSqjX8p8pEtXGbp4VYXy1BUIoE0GpnzlG5Dj0g7xPL34ycExVFxV_uMMwAwPi3zE3jHEOI7dKxGFTzQAiUKhRxrvnChZHGPCrFuPELQMas5gnPQDeqY_2p6JYcAEAaZ7yiRPh8Fgv77Mzs0pWcPvK7vraZkqMIE13M2exxsduNJMFkkCZv&sai=AMfl-YTcNtbt91gkSM3UnDr_Uux5XdcJTHOCXrZcRwwkjXKQFN9i1zfNbRwsMdJLIeMJtgO0P0HdwLlJ-vbNWkWtJhl7CDbX0LUmqBsKzgdgVm-k5DmUI8uT_VQVPMWQTz0&sig=Cg0ArKJSzOq50KJlSvuGEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 19:43:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13421/22/20/ Frame 4220 819 B
858 B 9ms
9ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13421/22/20/
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: 7d9ed266bfc4cba3c678057ed83cd867bc8911c39732a3959e3248db00b74c4c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: nginx
Age: 247
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv07-osk01-jp (ApacheTrafficServer-second [uScRs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScSsSfUpSeN:t cCSpSs ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 377

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4220 135 KB
41 KB 65ms
64ms Script
text/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 May 2022 19:43:37 GMT

GET
H/1.1 200
OK compass.js Show response
j.microad.net/js/ Frame 4220 109 KB
25 KB 3ms
3ms Script
application/javascript 104.71.157.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://j.microad.net/js/compass.js
Requested by: Host: wtag.estlier.net
URL: http://wtag.estlier.net/tagapi1.0/13421/22/20/
Protocol: HTTP/1.1
Server: 104.71.157.62 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-71-157-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc39e377fbff0ed82d8889ef8174b724ae80eab5c738d59b3712b10a03c2e0b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 11:47:47 GMT
Server: Apache
ETag: "1b5aa-gzip"
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: public, max-age=539703
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 25317
Expires: Fri, 27 May 2022 01:38:40 GMT

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13414/34/2/ Frame AA14 388 B
729 B 9ms
9ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13414/34/2/
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: bf0a31b01d57a3e8d3b2543dabff29e0829f2d44d253336891376172940852c5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: nginx
Age: 227
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv13-osk01-jp (ApacheTrafficServer-second [uScHs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScHs f p eN:t cCHp s ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 248

GET
H/1.1 200
200 asr
aid.send.microad.jp/ Frame 72DF 43 B
625 B 342ms
114ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/asr?v=1&code=jG40gaTLVE0&format=pixel

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Server: Apache
Strict-Transport-Security: max-age=3600
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/gif
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H/1.1 200
200 ic
ssp.send.microad.jp/ Frame 72DF 43 B
500 B 343ms
115ms Image
image/gif 202.233.84.16
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microad.jp/ic?ep=5YofvaSUxfAC5VHLXeG_XQEz9-dmc1nY2OuRFIrD1qe_K4HUWLFYNmrCO269q_jqPQT8FLTNNUloZNT3cvIGM-Tqqat4RYQIvUXlmbS1SPIy5iY-dWIp5v3drAS5iQ1BZLVUNu4izjrNt-2yNR2sAL1FwVkEcZTqIv4uJr1zJW75aSG9054aUlkQQ4XU
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.16 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: image/gif
Content-Length: 57

GET
H/1.1 200
OK cookie_loader.html Show response
cache.send.microad.jp/js/ Frame EA9B 2 KB
2 KB 4ms
4ms Document
text/html 14.0.42.24
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microad.jp/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.42.24 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 1909
Content-Type: text/html
Date: Fri, 20 May 2022 19:43:37 GMT
ETag: "10cf9c751f3fdad8c8784c6bf8cee57a"
Last-Modified: Thu, 28 Oct 2021 12:57:38 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PSrbJP1tu67:9 (W), 1.1 PSrbdjTYO3fx116:6 (W)
X-Px: ht PSrbdjTYO3fx116HND
X-Ws-Request-Id: 6287ef69_PSrbdjTYO3hy174_25046-63307
x-amz-id-2: 39syy1FzfVdhuE5XIArdiN0q/0HrDX1FtRGqkU4DS66sTswd3J0MaFsDYYRGZimU/3/2pJaptoQ=
x-amz-request-id: PCSZ1R902WJT8HE5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7

GET
H/1.1 200
200 ad Show response
s-rtb.send.microad.jp/ Frame 4220 1 KB
2 KB 355ms
124ms Script
text/javascript 202.233.84.3
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microad.jp/ad?spot=88bf54fc33ab82d93562fb8e8d1468af&cb=microadCompass.AdRequestor.callback&url=http%3A%2F%2Fmix.pendrawing.work%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=d98ad004cb14c00180e2ff34aa

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.3 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

a95ee2e0d39c50f3fea0f2f98b906e20751d0ced65bd23660edd99087c6429ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1276
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cookie_loader.html Show response
cache.send.microad.jp/js/ Frame DD05 2 KB
2 KB 4ms
4ms Document
text/html 14.0.42.24
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microad.jp/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.42.24 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 1909
Content-Type: text/html
Date: Fri, 20 May 2022 19:43:37 GMT
ETag: "10cf9c751f3fdad8c8784c6bf8cee57a"
Last-Modified: Thu, 28 Oct 2021 12:57:38 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PSrbJP1tu67:9 (W), 1.1 PSrbdjTYO3fx116:6 (W)
X-Px: ht PSrbdjTYO3fx116HND
X-Ws-Request-Id: 6287ef69_PSrbdjTYO3hy174_25046-63308
x-amz-id-2: 39syy1FzfVdhuE5XIArdiN0q/0HrDX1FtRGqkU4DS66sTswd3J0MaFsDYYRGZimU/3/2pJaptoQ=
x-amz-request-id: PCSZ1R902WJT8HE5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7

GET
H/1.1 200
200 ad Show response
s-rtb.send.microad.jp/ Frame 68B1 1 KB
2 KB 344ms
115ms Script
text/javascript 202.233.84.3
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microad.jp/ad?spot=b1d71c127993266e68b7b1bdb66ff421&cb=microadCompass.AdRequestor.callback&url=http%3A%2F%2Fmix.pendrawing.work%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=9085ddb98a50700180e2ff34b2

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.3 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

0a6aafbf2ea4a5963d1b882cdff82d32a80611af3603ef779f8bf1ab729c80c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1529
X-XSS-Protection: 1; mode=block

GET
H3 200 f.js Show response
cdn-fluct.sh.adingo.jp/ Frame AA14 3 KB
3 KB 39ms
39ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000104661
Requested by: Host: wtag.estlier.net
URL: http://wtag.estlier.net/tagapi1.0/13414/34/2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
via: 1.1 google
last-modified: Mon, 12 Apr 2021 01:23:17 GMT
server: nginx
etag: "cf5ec206a0bc2705586f1c0fb0bd458b"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2747
expires: Fri, 20 May 2022 20:43:37 GMT

GET
DATA 200
OK truncated
/ Frame 4220 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e83811d10620438cc380d5dfe42441f1e27ed2609fc04c592b35d078b773d55e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
sh.adingo.jp/ Frame AA14 7 KB
4 KB 34ms
33ms Script
application/x-javascript 54.199.239.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/?G=1000104661&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=383317030377&guid=ON

Requested by

Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000104661

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.199.239.233 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-199-239-233.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

32feae9d58ed5c88f71a3e5e18d23378b591acc7b212bce6f670559d842ff5e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 19:43:37 GMT
server: nginx
vary: Accept-Encoding
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
content-type: application/x-javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 036F
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5c33c685-8d9b-4a16-9aef-4f3066e3a88d&gdpr=0&gdpr_consent=&expires=30

42 B
691 B

432ms
106ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5c33c685-8d9b-4a16-9aef-4f3066e3a88d&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5c33c685-8d9b-4a16-9aef-4f3066e3a88d&gdpr=0&gdpr_consent=&expires=30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 289

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 036F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bgfrsBZxTeiJ_CQUK2mXkg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bgfrsBZxTeiJ_CQUK2mXkg

43 B
797 B

183ms
183ms

Image
image/gif

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bgfrsBZxTeiJ_CQUK2mXkg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac

Protocol

HTTP/1.1

Server

209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 May 2022 19:43:38 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: BDEAMG1EKJKZGFWGX1ZE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bgfrsBZxTeiJ_CQUK2mXkg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 036F
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNFVU5TNVEtMUItNjVDTg==

170 B
188 B

42ms
41ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNFVU5TNVEtMUItNjVDTg==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNFVU5TNVEtMUItNjVDTg==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 709414.gif
id.rlcdn.com/ Frame 036F 42 B
449 B 143ms
130ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 19:43:37 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 036F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDR22Umegx1VWilP9n5e8UU&google_cver=1

42 B
691 B

429ms
108ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDR22Umegx1VWilP9n5e8UU&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: b2a5c63b17f16a8024ffc6259157eaa8
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDR22Umegx1VWilP9n5e8UU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 036F
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3EUNS5Q-1B-65CN&sigv=1&esig=2~748f636855e80e460a95ae23ad18d507acbddc44

0
194 B

11ms
3ms

Image
text/plain

2406:2000:a4:9fe::
YAHOO-SG internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3EUNS5Q-1B-65CN&sigv=1&esig=2~748f636855e80e460a95ae23ad18d507acbddc44

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac

Protocol

Server

2406:2000:a4:9fe:: , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3EUNS5Q-1B-65CN&sigv=1&esig=2~748f636855e80e460a95ae23ad18d507acbddc44
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b2a5c63b17f16a8024ffc6259157eaa8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 036F
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/pMugOOuv4l6cDaCneLWLXsn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7249350093604489629

42 B
691 B

235ms
107ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7249350093604489629
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/gif

Redirect headers

date: Fri, 20 May 2022 19:43:37 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7249350093604489629
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 036F
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t

43 B
932 B

320ms
320ms

Image
image/gif

52.95.126.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac

Protocol

HTTP/1.1

Server

52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 May 2022 19:43:38 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 4BCP13PCN80JCGXQEJV5
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 May 2022 19:43:38 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PW01S8K77MN3W8GARD9M
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

hs
s-cs.send.microad.jp/ Frame E6B1
Redirect Chain

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=microad&khaos=L3EUNS8P-18-8P1Q
https://s-cs.send.microad.jp/hs?k=magnite_1&id=L3EUNS8P-18-8P1Q

43 B
550 B

277ms
117ms

Image
image/gif

202.233.84.8
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-cs.send.microad.jp/hs?k=magnite_1&id=L3EUNS8P-18-8P1Q

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=microad&endpoint=apac

Protocol

Server

202.233.84.8 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
x-xss-protection: 1; mode=block

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://s-cs.send.microad.jp/hs?k=magnite_1&id=L3EUNS8P-18-8P1Q
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 548ddf114c6f6bfbb66a4cdeb6a219f4
Expires: 0

GET
H3

200

sync
odr.mookie1.com/t/v2/ Frame AA14
Redirect Chain

https://x.bidswitch.net/sync?ssp=fluct
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=

43 B
64 B

42ms
42ms

Image
image/gif

35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H3
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=
Date: Fri, 20 May 2022 19:43:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 fltids
aud.adjust-net.jp/adfrontserver/ Frame AA14 0
49 B 6ms
5ms Image
text/plain 3.114.252.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.adjust-net.jp/adfrontserver/fltids?val=bd2e0bf6b71542fb614b58113e81df78
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.252.10 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-252-10.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
content-length: 0
server: nginx

GET
H/1.1 200
OK compass.js Show response
j.microad.net/js/ Frame 6FCA 109 KB
25 KB 3ms
3ms Script
application/javascript 104.71.157.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://j.microad.net/js/compass.js
Requested by: Host: sh.adingo.jp
URL: https://sh.adingo.jp/?G=1000104661&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=383317030377&guid=ON
Protocol: HTTP/1.1
Server: 104.71.157.62 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-71-157-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc39e377fbff0ed82d8889ef8174b724ae80eab5c738d59b3712b10a03c2e0b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 11:47:47 GMT
Server: Apache
ETag: "1b5aa-gzip"
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: public, max-age=539703
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 25317
Expires: Fri, 27 May 2022 01:38:40 GMT

GET
H2 200 /
i.adingo.jp/ Frame AA14 43 B
408 B 62ms
61ms Image
image/gif 54.92.2.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.adingo.jp/?p=K1lJ1oMiII2i8jXQGR4T8IaYM-Wr3cvL7t7v3k1xfOZI5c7t0S1zwouK8VzuFYRkaav-1WJ0Y4iBLdBP-2d2YLyFPHfKksXxkOK-MNMFzKehzVh_B8RB6a-0ef9OMJuMBwTktPvaNPDLj1YiV84sJqDDcx-ikgB5tXM6KVC-g99oT2Weln67SePL4H7M8Z9MQZcw3veisz1Kr_4emCMNpgbhRDEoFi88HpFBvEEhETh5hA4ILaK-yL_3d4C7EgLDG6NMvMOmfXxMrsRJzmELp3iDsXFni39lZhfMP0c1eVBoRFxInx-GuXAxfZ75HO8JjCUERsgj66y6jIdc36p26rHn&v=OOf_OcSRknYWEHKz&k=3&R=
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.2.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-92-2-218.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK cookie_loader.html Show response
cache.send.microad.jp/js/ Frame 0057 2 KB
2 KB 4ms
4ms Document
text/html 14.0.42.24
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microad.jp/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.42.24 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 1909
Content-Type: text/html
Date: Fri, 20 May 2022 19:43:37 GMT
ETag: "10cf9c751f3fdad8c8784c6bf8cee57a"
Last-Modified: Thu, 28 Oct 2021 12:57:38 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PSrbJP1tu67:9 (W), 1.1 PSrbdjTYO3fx116:6 (W)
X-Px: ht PSrbdjTYO3fx116HND
X-Ws-Request-Id: 6287ef69_PSrbdjTYO3hy174_25046-63310
x-amz-id-2: 39syy1FzfVdhuE5XIArdiN0q/0HrDX1FtRGqkU4DS66sTswd3J0MaFsDYYRGZimU/3/2pJaptoQ=
x-amz-request-id: PCSZ1R902WJT8HE5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7

GET
H/1.1 200
200 ad Show response
s-rtb.send.microad.jp/ Frame 6FCA 1 KB
2 KB 344ms
115ms Script
text/javascript 202.233.84.3
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microad.jp/ad?spot=74fd4dfb867bf9d0a9f101bf1f4fca71&cb=microadCompass.AdRequestor.callback&url=http%3A%2F%2Fmix.pendrawing.work%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=949535b9d802300180e2ff3518

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.3 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

e000a2e3728f7fb61c797b13852337d97b6cab5fee257b739ec44a6481bc0a8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:38 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1437
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13418/21/2/ Frame 2867 388 B
729 B 10ms
9ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13418/21/2/
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: 66c24a1d73102e95832c984d192e83cc84f3a0fa9125171a540b2504c53ab2db

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Server: nginx
Age: 184
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv03-osk01-jp (ApacheTrafficServer-second [uScHs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScSsSfUpSeN:t cCSpSs ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 248

GET
H/1.1 200
200 asr
aid.send.microad.jp/ Frame 030C 43 B
625 B 343ms
115ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/asr?v=1&code=wjYYWZkhlE4&format=pixel

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:38 GMT
Server: Apache
Strict-Transport-Security: max-age=3600
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/gif
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H/1.1 200
200 ic
ssp.send.microad.jp/ Frame 030C 43 B
500 B 344ms
116ms Image
image/gif 202.233.84.16
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microad.jp/ic?ep=5YofvaTHFFsCpmP9iVjjP19LLiw-rHOmH4_SqRr-H3O2uTbh2UrBpDYDzPUxx4jlo0jSKT8gMT55n01lLjPxqGiG2aTmCao1Nqjh7qVO0WBuJ9Gl-Q5Z-WORgjkyZAkybU7VpLLjOaFB27Wlg0mqJR6oxS4ViiVgVifxpRkfVWFmmFWZIegSpUkQncno
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.16 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:38 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: image/gif
Content-Length: 57

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58376/ Frame 030C
Redirect Chain

https://aid.send.microad.jp/asr?v=1&code=1lEd6kdM8PY&format=pixel
https://pixel.advertising.com/ups/58376/sync?uid=Onb6ZXNFJyKZ6reaYHTAbB5iPDLncHloDC3ImDoCCV4AnC03tMjjBw&_origin=1&gdpr=0&gdpr_consent=
https://pixel.advertising.com/ups/58376/sync?uid=Onb6ZXNFJyKZ6reaYHTAbB5iPDLncHloDC3ImDoCCV4AnC03tMjjBw&_origin=1&gdpr=0&gdpr_consent=&verify=true
https://ups.analytics.yahoo.com/ups/58376/sync?uid=Onb6ZXNFJyKZ6reaYHTAbB5iPDLncHloDC3ImDoCCV4AnC03tMjjBw&_origin=1&gdpr=0&gdpr_consent=&apid=UP24d848f1-d875-11ec-970b-0a3913709c99

0
321 B

10ms
10ms

Image
text/plain

18.178.22.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58376/sync?uid=Onb6ZXNFJyKZ6reaYHTAbB5iPDLncHloDC3ImDoCCV4AnC03tMjjBw&_origin=1&gdpr=0&gdpr_consent=&apid=UP24d848f1-d875-11ec-970b-0a3913709c99

Requested by

Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/

Protocol

Server

18.178.22.21 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-178-22-21.ap-northeast-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:38 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58376/sync?uid=Onb6ZXNFJyKZ6reaYHTAbB5iPDLncHloDC3ImDoCCV4AnC03tMjjBw&_origin=1&gdpr=0&gdpr_consent=&apid=UP24d848f1-d875-11ec-970b-0a3913709c99
date: Fri, 20 May 2022 19:43:38 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

hs
s-cs.send.microad.jp/ Frame 030C
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=14&p=199&cp=microad.openrtb&cu=1&url=https%3A%2F%2Fs-cs.send.microad.jp%2Fhs%3Fk%3Dcriteo_hs%26id%3D%40%40CRITEO_USERID%40%40%0D%0A
https://s-cs.send.microad.jp/hs?k=criteo_hs&id=8a2a9094-442b-4e9e-9c00-e7fafa1fa308

43 B
550 B

361ms
120ms

Image
image/gif

202.233.84.8
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-cs.send.microad.jp/hs?k=criteo_hs&id=8a2a9094-442b-4e9e-9c00-e7fafa1fa308

Requested by

Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/

Protocol

Server

202.233.84.8 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
x-xss-protection: 1; mode=block

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
server: Kestrel
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://s-cs.send.microad.jp/hs?k=criteo_hs&id=8a2a9094-442b-4e9e-9c00-e7fafa1fa308
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1020042
content-length: 0
expires: Fri, 20 May 2022 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B1E2 0
0 44ms
44ms Fetch
image/gif 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsti-9NN7x2BBQKE9CdiFFF7xJVmwLVJLuho5wJaEJNki9YcOrfCgrmcg5wLrsNm2Apf5ZJOrX0O3mhNJN_gb_Omb9pACaaDfMgUteHE9HRfr2pvFPQVmRiWciwUg39ZIlf-FeOSoLz8BH0fcAwTFR3Ax-8LKAoBu4tlgcIMC7UI1EEZY0au0-Qr6LJviZUAH-mIfBVlfrO9cP0sNmJeQgabDFCe9pgOTBGl7bUUVKwzWCAvixmRehPkQiZbG9C8X5Rf0QEc9cBmK8FSmeNwiNxrYSd06RmQCPkG8Gm3GD3om8mRD_efDVA9AcU&sai=AMfl-YS97lRWbS8aKl7VZ7dZMth3LK_knK6uJS7rm62jmE2Kc65YBrNPwKvkO6yfa9z2Rg0-pno9a-QO7oEa_z75kxIYtS8zyDp7-7eUxbYKB2J8hNixbWa9ti0c3R_DG78P&sig=Cg0ArKJSzNWPBAyVSX80EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 19:43:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 20 May 2022 19:43:37 GMT

GET
H3 200 f.js Show response
cdn-fluct.sh.adingo.jp/ Frame 2867 3 KB
3 KB 42ms
42ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000104665
Requested by: Host: wtag.estlier.net
URL: http://wtag.estlier.net/tagapi1.0/13418/21/2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
via: 1.1 google
last-modified: Mon, 12 Apr 2021 01:23:17 GMT
server: nginx
etag: "cf5ec206a0bc2705586f1c0fb0bd458b"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2747
expires: Fri, 20 May 2022 20:43:37 GMT

GET
H2 200 adstir.js Show response
js.ad-stir.com/js/ Frame 7102 62 KB
17 KB 3ms
2ms Script
text/javascript 13.33.174.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-stir.com/js/adstir.js
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.174.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-174-20.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5b251926f2de2a103761d5e5233d01f07a32c00545bffc4379ee1bc918a116b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:32:29 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 02:52:51 GMT
server: AmazonS3
age: 669
etag: W/"7b46a56c4cdf94d98ef34c2fdc9fea0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: NRT57-C2
x-amz-cf-id: TqbsD1Lq0-nnnt6UUQbyrboHqAHAKdlKqu4Qv5d8IXsbplHH1WWTHg==

GET
H/1.1 200
200 ic
ssp.send.microad.jp/ Frame BB01 43 B
500 B 344ms
116ms Image
image/gif 202.233.84.16
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microad.jp/ic?ep=5YofvaTVJW4BBIlqwHUxUNHGvCEz9mjAxDUTfHcmG5YgjVYNLtQ_CPaPbt9QS0-BKL6wJ2dDCudaAbPJ7r9TggkKHsBt_8g7bsvaN4bQL8yqt2OLmIBVFehn4A9uDwLXXtA_CHJvm4sgW1LROK_4O3bL_vc2GPvcprtjn0iTkgXsZG6f6IzHBGkuhm7c
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.16 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:38 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: image/gif
Content-Length: 57

GET
H2

200

hs
s-cs.send.microad.jp/ Frame BB01
Redirect Chain

https://ds.uncn.jp/compass/0/sync_push
https://s-cs.send.microad.jp/hs?k=unicorn_1&id=v_3418df40-eea4-46d3-85be-2b69733ba06d

43 B
550 B

337ms
118ms

Image
image/gif

202.233.84.8
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-cs.send.microad.jp/hs?k=unicorn_1&id=v_3418df40-eea4-46d3-85be-2b69733ba06d

Requested by

Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/

Protocol

Server

202.233.84.8 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
x-xss-protection: 1; mode=block

Redirect headers

Location: https://s-cs.send.microad.jp/hs?k=unicorn_1&id=v_3418df40-eea4-46d3-85be-2b69733ba06d
Date: Fri, 20 May 2022 19:43:37 GMT
Server: Apache
Connection: keep-alive
Content-Length: 112
Content-Type: text/html; charset=utf-8

GET
H2 404 ad
ad.ad-stir.com/ Frame 7102 0
0 5ms
5ms Script
text/html 54.64.59.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-stir.com/ad?app_id=MEDIA-f9d91b43&ad_spot_no=8&locale=en&ut=1653075818004&topframe=0&origin=http%3A%2F%2Fmix.pendrawing.work%2F&sw=1600&sh=1200&dpr=1&novideo=0&topurl=1&adstir_media_uid=228e5881-d8d6-42c7-95ff-62e8e90a5a52&adstir_optout=0&callback=AdstirCB398558728A5505362795
Requested by: Host: js.ad-stir.com
URL: https://js.ad-stir.com/js/adstir.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.59.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-59-131.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 load_adstir_optout.html Show response
js.ad-stir.com/js/ Frame 934C 546 B
893 B 2ms
2ms Document
text/html 13.33.174.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-stir.com/js/load_adstir_optout.html?url=http://mix.pendrawing.work/
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.174.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-174-20.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afb4895708b7ace5b1431f025508b030af5b4b23a133058744a94de67eeb7c70

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 669
cache-control: max-age=3600
content-length: 546
content-type: text/html; charset=utf-8
date: Fri, 20 May 2022 19:32:29 GMT
etag: "9b806bc4689e00e6824dc1594225523a"
last-modified: Mon, 16 May 2022 02:52:51 GMT
server: AmazonS3
via: 1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
x-amz-cf-id: IYcVX994Eu2n_Sm0pmZ1MVaecWpRcWUluwXCCPJiVLgIsMk9ZZtEgA==
x-amz-cf-pop: NRT57-C2
x-cache: Hit from cloudfront

GET
H2 200 / Show response
sh.adingo.jp/ Frame 2867 7 KB
4 KB 33ms
32ms Script
application/x-javascript 54.199.239.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/?G=1000104665&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=23383731286288&guid=ON

Requested by

Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000104665

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.199.239.233 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-199-239-233.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

395a7c8dfe5b5f1ee5c88de671253b86a71f910a28f770561f66bb1cbeb2738a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 19:43:37 GMT
server: nginx
vary: Accept-Encoding
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
content-type: application/x-javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

sync
odr.mookie1.com/t/v2/ Frame 2867
Redirect Chain

https://x.bidswitch.net/sync?ssp=fluct
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=

43 B
64 B

42ms
41ms

Image
image/gif

35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H3
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=
Date: Fri, 20 May 2022 19:43:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 fltids
aud.adjust-net.jp/adfrontserver/ Frame 2867 0
49 B 6ms
6ms Image
text/plain 3.114.252.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.adjust-net.jp/adfrontserver/fltids?val=bd2e0bf6b71542fb614b58113e81df78
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.252.10 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-252-10.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:37 GMT
content-length: 0
server: nginx

GET
H/1.1 200
OK compass.js Show response
j.microad.net/js/ Frame 21D0 109 KB
25 KB 3ms
3ms Script
application/javascript 104.71.157.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://j.microad.net/js/compass.js
Requested by: Host: sh.adingo.jp
URL: https://sh.adingo.jp/?G=1000104665&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=23383731286288&guid=ON
Protocol: HTTP/1.1
Server: 104.71.157.62 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-71-157-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc39e377fbff0ed82d8889ef8174b724ae80eab5c738d59b3712b10a03c2e0b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 11:47:47 GMT
Server: Apache
ETag: "1b5aa-gzip"
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: public, max-age=539703
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 25317
Expires: Fri, 27 May 2022 01:38:40 GMT

GET
H2 200 /
i.adingo.jp/ Frame 2867 43 B
408 B 6ms
5ms Image
image/gif 54.92.2.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.adingo.jp/?p=owZ0T_iOc8KWbKJnpBJBGsKYPFPxpozKCgF6UgL3UuxJVaflFQMBACE4Rq-gQGNengPwtbwao9P05ngRIpypcjycsOph9WNfTrZYsQuF8K4VJwTWpOWYM6idYWDg4ufjwPlWgHGOWdrENuYibuVf9k0T4N-Rn5mihuAz_WNkSK2LMqMqBL_V2Jw-vQSiamqtQaal8ZiP3lXWE0b-DOyGl_Cy0_t3rb7NVle0-qY1QDdKL2c2TLyy-9aZOwu9OWv_Puw42fdFLSrAyt8wBXMo88vl74xpEoik4Ct5LeV02Rca09vrQ8ija8Dtsq2AxxFBFlEhIzaO84QsVL_zdQPYFGP5BQ..&v=97vG63fY1lKKitEp&k=3&R=
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.2.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-92-2-218.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:37 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 adstir.js Show response
js.ad-stir.com/js/ Frame 8D5A 62 KB
17 KB 3ms
3ms Script
text/javascript 13.33.174.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-stir.com/js/adstir.js
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.174.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-174-20.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5b251926f2de2a103761d5e5233d01f07a32c00545bffc4379ee1bc918a116b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:32:29 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 02:52:51 GMT
server: AmazonS3
age: 670
etag: W/"7b46a56c4cdf94d98ef34c2fdc9fea0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: NRT57-C2
x-amz-cf-id: xU2vxvAvGwXkSdEgHFV8cpqFhcA9tlPlzssElII-Vu911MbdMOXCBA==

GET
H/1.1

200
200

asr
aid.send.microad.jp/g/pc/ Frame 68B1
Redirect Chain

http://aid.send.microad.jp/g/pc/asr
https://aid.send.microad.jp/g/pc/asr

43 B
625 B

341ms
114ms

Image
image/gif

202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/pc/asr

Requested by

Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/

Protocol

HTTP/1.1

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:38 GMT
Server: Apache
Strict-Transport-Security: max-age=3600
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/gif
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

Redirect headers

Location: https://aid.send.microad.jp/g/pc/asr
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
200 ic
ssp.send.microad.jp/ Frame 68B1 43 B
500 B 343ms
115ms Image
image/gif 202.233.84.16
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microad.jp/ic?ep=5YofvaTsv-kBFY-bWcTyPMyD0ZHibpCVmGMGyu2MmLUn6vHU4gcrvmqCyO3_SmfwBKZnDgn1FYrS0qd_crL1sKYLNrFB5x8SAH3FWg4DO3o2usW5N4F9eMR_NyYAuR26ygM_vu5iPbmPVn6kELMrFhx94Zq-x-tuPrLBqeOSunTBBNNEC2SqIeC43ako
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.16 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:38 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: image/gif
Content-Length: 57

GET
H/1.1 200
OK / Show response
wtag.estlier.net/tagapi1.0/13421/22/2/ Frame 0A09 388 B
729 B 10ms
9ms Script
text/html 133.167.7.2
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://wtag.estlier.net/tagapi1.0/13421/22/2/
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Server: 133.167.7.2 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx / PHP/7.2.32
Resource Hash: b0b31ec672542df89dbbeaf148beb7a97e1272de59a41d754394c6ec209e1ec5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:38 GMT
Content-Encoding: gzip
Server: nginx
Age: 241
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Via: http/1.1 sv03-osk01-jp (ApacheTrafficServer-second [uScHs f p eN:t cCHp s ]), http/1.1 sv05-osk01-jp (ApacheTrafficServer-first [uScSsSfUpSeN:t cCSpSs ])
Cache-Control: s-maxage=900, public
Connection: keep-alive
X-WebAccel-Origin-Status: 200
Content-Length: 248

GET
H/1.1 200
200 ic
ssp.send.microad.jp/ Frame 4220 43 B
500 B 342ms
115ms Image
image/gif 202.233.84.16
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microad.jp/ic?ep=5YofvaTtdwQBZcJDMjGvhrrLv1URWzCWCYRFThfWNtBLw5f5o0I88CrTwJwE4vYgKWvxukh-sWRTl7AxMuP9wV2jp2FsKommQfZhtI9GLDRy993MzCsnAOmyoapFOoloS0Y88K4zNch0_stgCWqJtmn2RXQ_gtg0Svf9zCw6K6TtBhzATmqIf2Pywy0w
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.16 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:38 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: image/gif
Content-Length: 57

GET
H/1.1 200
OK cookie_loader.html Show response
cache.send.microad.jp/js/ Frame B6A9 2 KB
2 KB 7ms
6ms Document
text/html 14.0.42.24
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microad.jp/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.42.24 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 1909
Content-Type: text/html
Date: Fri, 20 May 2022 19:43:38 GMT
ETag: "10cf9c751f3fdad8c8784c6bf8cee57a"
Last-Modified: Thu, 28 Oct 2021 12:57:38 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PSrbJP1tu67:9 (W), 1.1 PSrbdjTYO3fx116:6 (W)
X-Px: ht PSrbdjTYO3fx116HND
X-Ws-Request-Id: 6287ef6a_PSrbdjTYO3hy174_25046-63324
x-amz-id-2: 39syy1FzfVdhuE5XIArdiN0q/0HrDX1FtRGqkU4DS66sTswd3J0MaFsDYYRGZimU/3/2pJaptoQ=
x-amz-request-id: PCSZ1R902WJT8HE5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7

GET
H/1.1 200
200 ad Show response
s-rtb.send.microad.jp/ Frame 21D0 1 KB
2 KB 343ms
115ms Script
text/javascript 202.233.84.3
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microad.jp/ad?spot=81ae89f7bb0496c86762141f982a062a&cb=microadCompass.AdRequestor.callback&url=http%3A%2F%2Fmix.pendrawing.work%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=6153c62c87efc40180e2ff3666

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.3 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

dcd9a3e3ab37c0a2cda2ccd924b20287dc9a904557241152ef25a96d08c8ab33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:38 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1437
X-XSS-Protection: 1; mode=block

GET
H2 404 ad
ad.ad-stir.com/ Frame 8D5A 0
0 3ms
3ms Script
text/html 54.64.59.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-stir.com/ad?app_id=MEDIA-f9d91b43&ad_spot_no=7&locale=en&ut=1653075818168&topframe=0&origin=http%3A%2F%2Fmix.pendrawing.work%2F&sw=1600&sh=1200&dpr=1&novideo=0&topurl=1&adstir_media_uid=228e5881-d8d6-42c7-95ff-62e8e90a5a52&adstir_optout=0&callback=AdstirCB4094823303A6046681503
Requested by: Host: js.ad-stir.com
URL: https://js.ad-stir.com/js/adstir.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.59.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-59-131.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 f.js Show response
cdn-fluct.sh.adingo.jp/ Frame 0A09 3 KB
3 KB 39ms
39ms Script
application/javascript 130.211.14.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000104668
Requested by: Host: wtag.estlier.net
URL: http://wtag.estlier.net/tagapi1.0/13421/22/2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.14.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.14.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:38 GMT
via: 1.1 google
last-modified: Mon, 12 Apr 2021 01:23:17 GMT
server: nginx
etag: "cf5ec206a0bc2705586f1c0fb0bd458b"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2747
expires: Fri, 20 May 2022 20:43:38 GMT

GET
H2 200 load_adstir_optout.html Show response
js.ad-stir.com/js/ Frame BE9F 546 B
894 B 2ms
2ms Document
text/html 13.33.174.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-stir.com/js/load_adstir_optout.html?url=http://mix.pendrawing.work/
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.174.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-174-20.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afb4895708b7ace5b1431f025508b030af5b4b23a133058744a94de67eeb7c70

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 670
cache-control: max-age=3600
content-length: 546
content-type: text/html; charset=utf-8
date: Fri, 20 May 2022 19:32:29 GMT
etag: "9b806bc4689e00e6824dc1594225523a"
last-modified: Mon, 16 May 2022 02:52:51 GMT
server: AmazonS3
via: 1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
x-amz-cf-id: NMMUivrnSDpvcDJFcCOLcYab4NGLQFfxCI7tncg642zvXSXhMNz4nA==
x-amz-cf-pop: NRT57-C2
x-cache: Hit from cloudfront

GET
H2 200 adstir.js Show response
js.ad-stir.com/js/ Frame A68E 62 KB
17 KB 2ms
2ms Script
text/javascript 13.33.174.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-stir.com/js/adstir.js
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.174.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-174-20.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5b251926f2de2a103761d5e5233d01f07a32c00545bffc4379ee1bc918a116b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:32:29 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 02:52:51 GMT
server: AmazonS3
age: 670
etag: W/"7b46a56c4cdf94d98ef34c2fdc9fea0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: NRT57-C2
x-amz-cf-id: oFE3NhNaHPIfP92WYhkYSPkSRaOtGjE_UzH00PZfI7JAuhhbRk2BQw==

GET
H/1.1 200
200 ic
ssp.send.microad.jp/ Frame 6FCA 43 B
500 B 345ms
116ms Image
image/gif 202.233.84.16
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microad.jp/ic?ep=5YofvagWplcDAA3zkw2I6XP2oTdarm94ys-aybliscf4VxYo1F0x1JV8hXLl8Y3mCNA1EFjjDEuciL0VjUy4L7yw3KdNkU0MUWvcm0BZIRDJRIgmLTqWlsgJZThRrwRHqFk91BGccCaV7ZSyHMV5CE1r-FvwnfEEwUyMNvkpUGLMgCHIy3s1yKPS8HvE
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.16 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:38 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: image/gif
Content-Length: 57

GET
H2 404 ad
ad.ad-stir.com/ Frame A68E 0
0 3ms
3ms Script
text/html 54.64.59.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-stir.com/ad?app_id=MEDIA-f9d91b43&ad_spot_no=2&locale=en&ut=1653075818161&topframe=0&origin=http%3A%2F%2Fmix.pendrawing.work%2F&sw=1600&sh=1200&dpr=1&novideo=0&topurl=1&adstir_media_uid=228e5881-d8d6-42c7-95ff-62e8e90a5a52&adstir_optout=0&callback=AdstirCB9220385903A7418352588
Requested by: Host: js.ad-stir.com
URL: https://js.ad-stir.com/js/adstir.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.59.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-59-131.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 load_adstir_optout.html Show response
js.ad-stir.com/js/ Frame E7E5 546 B
893 B 2ms
2ms Document
text/html 13.33.174.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-stir.com/js/load_adstir_optout.html?url=http://mix.pendrawing.work/
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.174.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-174-20.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afb4895708b7ace5b1431f025508b030af5b4b23a133058744a94de67eeb7c70

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 670
cache-control: max-age=3600
content-length: 546
content-type: text/html; charset=utf-8
date: Fri, 20 May 2022 19:32:29 GMT
etag: "9b806bc4689e00e6824dc1594225523a"
last-modified: Mon, 16 May 2022 02:52:51 GMT
server: AmazonS3
via: 1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
x-amz-cf-id: _P3t3tKEQnPCQxhylxUVxWM1TF2-CdwZFqJ8XMmhWeVui0llpawYQg==
x-amz-cf-pop: NRT57-C2
x-cache: Hit from cloudfront

GET
H2 200 / Show response
sh.adingo.jp/ Frame 0A09 7 KB
4 KB 32ms
32ms Script
application/x-javascript 54.199.239.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/?G=1000104668&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=62613257633416&guid=ON

Requested by

Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000104668

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.199.239.233 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-199-239-233.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

1fde5e99d59e52df6f9d85e8384617aa3e241dd0dcd03b507dfefdb1867f20ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 19:43:38 GMT
server: nginx
vary: Accept-Encoding
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
content-type: application/x-javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

sync
odr.mookie1.com/t/v2/ Frame 0A09
Redirect Chain

https://x.bidswitch.net/sync?ssp=fluct
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=

43 B
64 B

42ms
42ms

Image
image/gif

35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H3
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:38 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4c57029c-9957-4ff1-83f1-f0ff17b38e45&ssp=fluct&gdpr=&gdpr_consent=
Date: Fri, 20 May 2022 19:43:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 fltids
aud.adjust-net.jp/adfrontserver/ Frame 0A09 0
49 B 4ms
4ms Image
text/plain 3.114.252.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.adjust-net.jp/adfrontserver/fltids?val=bd2e0bf6b71542fb614b58113e81df78
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.252.10 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-252-10.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:43:38 GMT
content-length: 0
server: nginx

GET
H/1.1 200
OK compass.js Show response
j.microad.net/js/ Frame 3A7F 109 KB
25 KB 3ms
3ms Script
application/javascript 104.71.157.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://j.microad.net/js/compass.js
Requested by: Host: sh.adingo.jp
URL: https://sh.adingo.jp/?G=1000104668&href=http%3A%2F%2Fmix.pendrawing.work%2F&serial=62613257633416&guid=ON
Protocol: HTTP/1.1
Server: 104.71.157.62 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-71-157-62.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc39e377fbff0ed82d8889ef8174b724ae80eab5c738d59b3712b10a03c2e0b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 11:47:47 GMT
Server: Apache
ETag: "1b5aa-gzip"
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: public, max-age=539702
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 25317
Expires: Fri, 27 May 2022 01:38:40 GMT

GET
H2 200 /
i.adingo.jp/ Frame 0A09 43 B
408 B 5ms
5ms Image
image/gif 54.92.2.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.adingo.jp/?p=UeectN5Y2fHmlj3pnhPR-eM0fy98l-ePG9OmVofBOzKt70Js8aRXeQ7S3E2ARhVu9iemn5q5OIG_MMGVNC0Cq8LCRA3y04x5-HNu9zwgI1KokcM74nUd7iL-6qyjsRZRpsGci9O9F2dkrmBPv0j0VVRvEM0D2wPJ11Q9I_EVZSa49BOwb-dpw0LbSSqlzjBbE38HZhKHVn0rDJDFxqx6uBjxe8qcZetvjUIhK6V01N_YeDwoR4HMDQkmLZMW15qjqfAPSwchED75jT5iYU4xq_8dCyrjDcjo3PcGyKj8LgyS_L5_HIppi6EchBZrMivDQXNJalKFTpZaSyl9WRN0_ns.&v=UK2z7CvAMQ3nEHvG&k=3&R=
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.2.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-92-2-218.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:38 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK cookie_loader.html Show response
cache.send.microad.jp/js/ Frame F5D7 2 KB
2 KB 5ms
4ms Document
text/html 14.0.42.24
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.send.microad.jp/js/cookie_loader.html
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.42.24 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 1909
Content-Type: text/html
Date: Fri, 20 May 2022 19:43:38 GMT
ETag: "10cf9c751f3fdad8c8784c6bf8cee57a"
Last-Modified: Thu, 28 Oct 2021 12:57:38 GMT
Server: PWS/8.3.1.0.8
Via: 1.1 PSrbJP1tu67:9 (W), 1.1 PSrbdjTYO3fx116:6 (W)
X-Px: ht PSrbdjTYO3fx116HND
X-Ws-Request-Id: 6287ef6a_PSrbdjTYO3hy174_25046-63337
x-amz-id-2: 39syy1FzfVdhuE5XIArdiN0q/0HrDX1FtRGqkU4DS66sTswd3J0MaFsDYYRGZimU/3/2pJaptoQ=
x-amz-request-id: PCSZ1R902WJT8HE5
x-amz-version-id: 86S9YnMfqbb4szWji6MFrROZcTTQMGU7

GET
H/1.1 200
200 ad Show response
s-rtb.send.microad.jp/ Frame 3A7F 2 KB
2 KB 344ms
116ms Script
text/javascript 202.233.84.3
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb.send.microad.jp/ad?spot=168612a5dc349bb773dce0e862aa5175&cb=microadCompass.AdRequestor.callback&url=http%3A%2F%2Fmix.pendrawing.work%2F&vo=true&mimes=%5B100%2C300%2C301%2C302%5D&cbt=890d9e7c5989800180e2ff36c2

Requested by

Host: j.microad.net
URL: http://j.microad.net/js/compass.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.3 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

48c0dd126e362c61d651c1c4f39b35a46ea402fabb248c03cb3ffb374c9ef1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:38 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1563
X-XSS-Protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 44C9 0
0 41ms
41ms Fetch
image/gif 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulS9dnd4uwFOC6bMUB0qG8PuNb_evDcX8395JKzsEKYDxo6irZs6M70JKVBYp8spgr-GGgNjNHrjmxobgIYB17OhVdd02y72eRRhnTXf9fKLFUX1eAvYLnltbqAIMQmMYZ7e7FyJvcC-40HEp94Wsx90MHUgfMjmLICoUlygERwm0DcqRx-DkpnJHLBRvhh1td98jAaTpoHGdoHNOjJzDQkJ_cyq1GpXloYCcNZLYq8rW4p1nWN-GUkhRxJOu5catHFbOnSMEDE86SqXe1VAEqufW-NYAggkFjRpmwi_SDJf5-YqSyCY36y-0&sai=AMfl-YRycNZxB-JIVK2h8Q151EO6LZD9hlI9B8K2SVLs28YLzDd835whmtGEKvGBnBJlUPAsYgif9cmUUWDtevQzc3_Yp1rAdGJm4zzTrd6cNKp2-aMytasE3LBv5BycJ9V3&sig=Cg0ArKJSzFh2nKn4djCeEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 19:43:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 20 May 2022 19:43:38 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EB38 0
0 41ms
41ms Fetch
image/gif 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJ00GWjcVf6OmLE9zlCe6pikc4hO2aSB4Z2TewK7FqqA4-3rkOF7J0iUlVFI9UaDRQGq8vtBFOo73iTU_tM4l_Mlya-0B5o9zYVcFa5-g8L_30ronIL1cr_P2uQNVsNSqzzxL_xjyLBhQEVYQWRXn60ecQTD7jjIOB1gN80YGTI8j-o1nnO2nsRcR094KmjG3msvrXgIv_RKZyIuFOFlQsumMjMDSdOFXN5O9EOYWdR0BmEInTrA7aIXIIhaj1JLzL3SfRdg-S1DhljvI8RvbGBF4koYt_sbPl4HRiMyPPz9-QXTMHmyEuoMU&sai=AMfl-YRyzJ_Sk3eCYiWKZwyTYqeB2BnVFa-fxRRjvS2NM9Byp8cMlVBDy7GsNLRD9lZ1rUjDRcxSeCUjkFAnlgwQ-ovV6EyTLK9M50EK7ZBp-JEI5KwWWw_KQ5Cw1u9gOsOuhhM&sig=Cg0ArKJSzOlm9wWMqfZUEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 19:43:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 20 May 2022 19:43:38 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4DF8 0
0 45ms
44ms Fetch
image/gif 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGbkwQSUkcjzA2IPXNrUm5fO8-PuCyH1rqRSNcc37xTwY081ETjDK-MHMK0soSA_ioah6I6aG_swxDt2m2BDxU8BxvYubBvQwmHAIG4sxLqxr5fgnZl01BJ6JGvh_SLkRFDx1gb9VZRRYMl_NjueC0QKaBz0TB-YTnf3HHn3KtX-tTbd3PghZ05jxR_kKTqT1LxFZ93Vdth8SccTRxVJ6B8St3CEjd1BXF6pj4TfQK0ij5lyBRMCNKGeO8v6Cj9PYBLzawBidCjqcGhX1yyHyLmSsWw4fdEXjQF3_YbyIKU1Sw0b4b6_XZ8pY&sai=AMfl-YRUOIY4jWjFHIO8QNzgpbidnaYouNM1IK0ae0KxXYKRzneoS7NF5EEsYF3cYgUpGVCTR8GRRnZGYPzvGbM7QJzuZmYKdXXWLPAne91M3u25f8vO4Ovhw-JpPz10kfYm&sig=Cg0ArKJSzKBOQtul03jCEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 19:43:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 20 May 2022 19:43:38 GMT

GET
H2 200 adstir.js Show response
js.ad-stir.com/js/ Frame C236 62 KB
17 KB 3ms
2ms Script
text/javascript 13.33.174.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-stir.com/js/adstir.js
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.174.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-174-20.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5b251926f2de2a103761d5e5233d01f07a32c00545bffc4379ee1bc918a116b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:32:29 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 02:52:51 GMT
server: AmazonS3
age: 670
etag: W/"7b46a56c4cdf94d98ef34c2fdc9fea0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: NRT57-C2
x-amz-cf-id: eU20nzmU7YdMuOaH7oyHj9UOugDbBj73kglgtVcOZKNK_CZS-PCvyQ==

GET
H/1.1 200
200 ic
ssp.send.microad.jp/ Frame 21D0 43 B
500 B 343ms
115ms Image
image/gif 202.233.84.16
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microad.jp/ic?ep=5YofvahlzgMByOIVuOJbgEq_b3dpPiUVx3O3coT0mT0-5a4zAv59CVNsxgR1toa44dTfGcegAmeWK_HIS1z7WSz31_mklacFzijSt0r6bc0PVMtQvX2cNCENjzHO7ApXivppCdeMM1AFqp_s9cGTAdIo9nf6Pr3ZB1zPQGluWzwlClKuQ25bnKq3-Lkw
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.16 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:38 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: image/gif
Content-Length: 57

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 72DF 0
0 39ms
39ms Fetch
image/gif 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWWlEolfkJRj1C0HpitERcUr7d2NYSVBi3Vwp7x-9hWfgoF99iHyBUjPQiwUHj74tRpy5iBPvgnN1wCuIl1hnj9Eybih2DLmq9f1V3oVpUexpnPj82yMUoFnZq4KD5jDq-LiOsF0WGbOrlHeXrWOT0zzHo-gyGGF09GsLkHthwwntEm5P2iYXaMlU7AUusX3lVDjnoPxVrsWoR-8qUjwjo_7Na-lWjKH_d22G-kkb8YNay-Ry_XIY5JpF8glpVqAaeBvFLDHYTiAW3OIIHQiykG6_f2KSbpjnJ-j_9y93RJQpxrFDLVuM-KhU&sai=AMfl-YRh3b-UkuCA9qQ_x1c4YMSi3g0vDh_awaDx59G4ughkSwk-F-QRABwH9AOGizaqpgwH9BfDVwIGRRz0Nu78mtuFSn8O6W97ZT4BvKrMcFPCSs1awnXuIZ84wT2YnZYz&sig=Cg0ArKJSzJdRyeVoaPHCEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 19:43:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 20 May 2022 19:43:38 GMT

GET
H2 404 ad
ad.ad-stir.com/ Frame C236 0
0 3ms
3ms Script
text/html 54.64.59.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-stir.com/ad?app_id=MEDIA-f9d91b43&ad_spot_no=6&locale=en&ut=1653075818481&topframe=0&origin=http%3A%2F%2Fmix.pendrawing.work%2F&sw=1600&sh=1200&dpr=1&novideo=0&topurl=1&adstir_media_uid=228e5881-d8d6-42c7-95ff-62e8e90a5a52&adstir_optout=0&callback=AdstirCB4122872888A7745857436
Requested by: Host: js.ad-stir.com
URL: https://js.ad-stir.com/js/adstir.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.59.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-59-131.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 load_adstir_optout.html Show response
js.ad-stir.com/js/ Frame 41E5 546 B
892 B 2ms
2ms Document
text/html 13.33.174.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-stir.com/js/load_adstir_optout.html?url=http://mix.pendrawing.work/
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.174.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-174-20.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afb4895708b7ace5b1431f025508b030af5b4b23a133058744a94de67eeb7c70

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 670
cache-control: max-age=3600
content-length: 546
content-type: text/html; charset=utf-8
date: Fri, 20 May 2022 19:32:29 GMT
etag: "9b806bc4689e00e6824dc1594225523a"
last-modified: Mon, 16 May 2022 02:52:51 GMT
server: AmazonS3
via: 1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
x-amz-cf-id: zNehIf3Bqe4R48-9mOYYr4f5bAtMINs-LHLSrgrxV_C0P0tYbR3iKQ==
x-amz-cf-pop: NRT57-C2
x-cache: Hit from cloudfront

GET
H2 200 adstir.js Show response
js.ad-stir.com/js/ Frame 7A16 62 KB
17 KB 3ms
3ms Script
text/javascript 13.33.174.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-stir.com/js/adstir.js
Requested by: Host: j.microad.net
URL: http://j.microad.net/js/compass.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.174.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-174-20.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5b251926f2de2a103761d5e5233d01f07a32c00545bffc4379ee1bc918a116b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 19:32:29 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 02:52:51 GMT
server: AmazonS3
age: 670
etag: W/"7b46a56c4cdf94d98ef34c2fdc9fea0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: NRT57-C2
x-amz-cf-id: EOXrZUU2WPwsJQDV-IAZu7TyBpQjXVoxNevxlgUJ_Qczl1fVs3TuZA==

GET
H/1.1 200
200 ic
ssp.send.microad.jp/ Frame 3A7F 43 B
500 B 343ms
114ms Image
image/gif 202.233.84.16
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.send.microad.jp/ic?ep=5Yofvah8N1EAF75cHiKXQGYsaEDT524QwFlmDSlBbEvRcYh6IReJKLQFVN3Gw-EcNFG1dCQLjUDdwgXprDVpgJ-CsF1xEM1oLYNdkAETmezoPVmJDgj7jPSI5VwtR4Vw3ROJKDDloYm20_xMJED9aDWDeVCx20385DFZnd4bPJjw2b4KizFIy-P636rE
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.233.84.16 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:38 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Connection: close
Content-Type: image/gif
Content-Length: 57

GET
H/1.1 200
200 asr
aid.send.microad.jp/ Frame 3A7F 43 B
625 B 344ms
115ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/asr?v=1&code=1lEd6kdM8PY&format=pixel

Requested by

Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 19:43:38 GMT
Server: Apache
Strict-Transport-Security: max-age=3600
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/gif
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H2 404 ad
ad.ad-stir.com/ Frame 7A16 0
0 4ms
3ms Script
text/html 54.64.59.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-stir.com/ad?app_id=MEDIA-f9d91b43&ad_spot_no=9&locale=en&ut=1653075818566&topframe=0&origin=http%3A%2F%2Fmix.pendrawing.work%2F&sw=1600&sh=1200&dpr=1&novideo=0&topurl=1&adstir_media_uid=228e5881-d8d6-42c7-95ff-62e8e90a5a52&adstir_optout=0&callback=AdstirCB3000414808A6420548601
Requested by: Host: js.ad-stir.com
URL: https://js.ad-stir.com/js/adstir.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.59.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-59-131.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 load_adstir_optout.html Show response
js.ad-stir.com/js/ Frame C844 546 B
893 B 2ms
2ms Document
text/html 13.33.174.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-stir.com/js/load_adstir_optout.html?url=http://mix.pendrawing.work/
Requested by: Host: mix.pendrawing.work
URL: http://mix.pendrawing.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.174.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-174-20.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afb4895708b7ace5b1431f025508b030af5b4b23a133058744a94de67eeb7c70

Request headers

Referer: http://mix.pendrawing.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 670
cache-control: max-age=3600
content-length: 546
content-type: text/html; charset=utf-8
date: Fri, 20 May 2022 19:32:29 GMT
etag: "9b806bc4689e00e6824dc1594225523a"
last-modified: Mon, 16 May 2022 02:52:51 GMT
server: AmazonS3
via: 1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
x-amz-cf-id: MC4qJgrECC7WdfMQF0BwsHVNHTcjCuoSL_gxSojH-9oDgjf30i45gw==
x-amz-cf-pop: NRT57-C2
x-cache: Hit from cloudfront

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 030C 0
0 41ms
41ms Fetch
image/gif 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuobzmlzGCKo6ApRodqLvrvsHxFpI7Z1CifqSpljeuX73gegXzyEoPZkqmJXT_GbL2-bdq335S2fcHc4WQhTy87oakenBlSbgPZbmRdyb0GG5ycxTu48DqU_fkr6Br-zsIRFbPNZOvIVFv3VEBgM_t9RUCuE4rrGZOcd5aR9_9Hoh7e88nIejqcqOHLLY9hurc5TS7Svcsk5YJo6XUXjxSD3i9K8ZHBuhEjZtnhz4Xm2FKG_B3FJDIgXSiTlgazSBvBCcGUYVbOwwn_RdeFCU8fYcS3ZgzTKlJCUardvqv73tfRyOrdKtvDlHY&sai=AMfl-YSfa9clF4aH1FtzWbOdzAgRO8411dnct1wK3HGKyRJMZl_UFaK2sS3XNQ3TMXKVnyrCLK-2iD-3VpRgH9IEjvRXPKqX9KydglwAUYHPYDGx4PuduC5CMj820f-LNrn-&sig=Cg0ArKJSzAcrcpav_-RxEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 19:43:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 20 May 2022 19:43:38 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B1E2 42 B
497 B 179ms
41ms Fetch
image/gif 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstn3EMiWn71wRB0mGq1wTyIpQgBI5CI6XG9EW8EFUjmp5M_QC_Ft61t0AlUwX6PkNKqubk9xk3z8BEsjAH3TmOcx6TLUFs_3oHejdncLTnkvMaAaQxg&sig=Cg0ArKJSzHSKC0Qur7uCEAE&id=lidar2&mcvt=1000&p=1112,566,1172,1034&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220518&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3541159802&rs=4&la=0&cr=0&vs=4&r=v&rst=1653075816716&rpt=1163&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 5742 0
129 B 6ms
2ms Script
text/plain 103.231.99.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156313&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.81 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:15:48 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4220 0
0 44ms
43ms Fetch
image/gif 142.250.196.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstV6IPH76CStHbjwe-yR3RoomdNZ1JyHhdj49HVSywiaXFamzDStY0-Gg8dDkeKeW3au_uVXPRQ-yLleGIHdKlvoQ1ktC-znDpq8LfzVY9LGdTsh-k-kWCMLeyLBRSFCOKmsZDWzPEtr-XCCIQzb3WjnbNRoYl8k1UeEcZFdq3wthj5PLaUEP1xdyn7t761VvsDG8VdHET6_qvXQym5N6hO8tiJh856fK_2wJxr-abIjR9aptoc9h7wQJd0sVP2ktHSpFaWaOwpJrnyDE1FGBX105xA0UDDWMo3Acma2Qi_5o56-9sxfl-6csA&sai=AMfl-YQTfRPWXCzY3u8YE9hVo2qnbga06VJas2T6GNx9OEd88slVdnyF2P0tCQ3Phd0W47DNfCqY7ajKoG0h4Q8rtr6M5J6Pz5bPVeQeIpPBZ_hF8ELgWCHOPPPz-Eizm6E&sig=Cg0ArKJSzPqTW3g42WbqEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 19:43:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 20 May 2022 19:43:38 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EB38 42 B
64 B 85ms
41ms Fetch
image/gif 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_uqbffwNIgIFs9mDp4KkaLtdSKJxqxO3EXBuaw3tralGlryupQ57AVb1l9rI5_ou5tu4AmMpB9vBSGDMcfZ9F-tOY3-GUKHtvR4hILe2K8qlIIZno&sig=Cg0ArKJSzAh1OsaAkxtYEAE&id=lidar2&mcvt=1000&p=692,436,782,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220518&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2410334956&rs=4&la=0&cr=0&vs=4&r=v&rst=1653075816864&rpt=1398&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 44C9 42 B
64 B 80ms
39ms Fetch
image/gif 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNeXg0ofEddt_9igc2m7YNIgyt5X2lsdz2N8AvVgOyep8N28TryGNBlDkIkHxcsZnriMMDL9Fn-HOidChejgzYZB65S-vlta62Z_OZ4z5hND-PAfjp&sig=Cg0ArKJSzBZy9LkrMOxvEAE&id=lidar2&mcvt=1004&p=857,810,1107,1110&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20220518&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1199409022&rs=4&la=0&cr=0&vs=4&r=v&rst=1653075816551&rpt=1705&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://mix.pendrawing.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 19:43:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

88 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cache.send.microad.jp/js	1970-01-20 03:11:19	Name: RTUS_STATUS Value: Unknown
.send.microad.jp/	1970-01-20 05:20:51	Name: TR Value: 87e267a01f20b7454b0f482dfc1aa852
.adingo.jp/	1970-01-20 11:56:51	Name: ID Value: bd2e0bf6b71542fb614b58113e81df78
.doubleclick.net/	1970-01-20 20:42:27	Name: IDE Value: AHWqTUmF-OvamTwLTY9Wane8KPx4BfaAGqEi0u0WDre0IBQlPGQpeG_43KsxiNalqQ8
.doubleclick.net/	1970-01-20 03:11:16	Name: test_cookie Value: CheckForPermission
.send.microad.jp/	1970-01-20 03:21:20	Name: ASR_29 Value: 1
.ad-stir.com/	1970-01-20 11:56:51	Name: uid Value: 1c685b34-b560-4c11-876c-31af5887586c
.ad-stir.com/	1970-01-20 11:56:51	Name: bpmkv Value: 1
.socdm.com/	1970-01-20 20:42:27	Name: SOC Value: YofvaMCo8HgAAIrIBrgAAAAA
.spotxchange.com/	1970-01-20 11:56:55	Name: audience Value: 2401a41e-d875-11ec-a1dd-12a3d7700507
.adingo.jp/	1970-01-20 03:54:27	Name: bypass Value: 1c685b34-b560-4c11-876c-31af5887586c
.adingo.jp/	1970-01-20 03:54:27	Name: scaleout Value: YofvaMCo8HgAAIrIBrgAAAAA
.pubmatic.com/	1970-01-20 05:20:51	Name: KADUSERCOOKIE Value: 4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4
.pubmatic.com/	1970-01-20 05:20:51	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 03:12:42	Name: pi Value: 156313:2
.pubmatic.com/	1970-01-20 05:20:51	Name: DPSync3 Value: 1654214400%3A226_245_201
.pubmatic.com/	1970-01-20 05:20:51	Name: SyncRTB3 Value: 1653868800%3A63%7C1654300800%3A35%7C1654214400%3A71_13_7_217_3_22_107_202_76_56_21_54%7C1653609600%3A223
.ad-m.asia/	1970-01-20 20:42:27	Name: uid Value: Q0YaiWDpPi
.primecaster.net/	1970-01-20 19:59:15	Name: uid Value: 4RYytIrN7N
.adingo.jp/	1970-01-20 03:54:27	Name: pubm Value: 4CE7F7E8-1389-46DC-AC6E-2A3A2CE239D4
.uncn.jp/	1970-01-20 11:56:51	Name: t Value: v_3418df40-eea4-46d3-85be-2b69733ba06d
.socdm.com/	1970-01-20 20:42:27	Name: SOSYNC Value: anNvbjp7InB1Ym1hdGljIjoxNjUzMDc1ODE2fQ
.adsrvr.org/	1970-01-20 11:56:51	Name: TDID Value: 5c33c685-8d9b-4a16-9aef-4f3066e3a88d
.adingo.jp/	1970-01-20 03:54:27	Name: pricas Value: 4RYytIrN7N
.adingo.jp/	1970-01-20 04:37:39	Name: popin Value: ok
.adingo.jp/	1970-01-20 03:54:27	Name: adx Value: ok
.pubmatic.com/	1970-01-20 03:54:27	Name: KRTBCOOKIE_1201 Value: 23170-v_3418df40-eea4-46d3-85be-2b69733ba06d
.pubmatic.com/	1970-01-20 03:54:27	Name: KRTBCOOKIE_656 Value: 12671-YofvaMCo8HgAAIrIBrgAAAAA
.adingo.jp/	1970-01-20 03:31:25	Name: tdid Value: 5c33c685-8d9b-4a16-9aef-4f3066e3a88d
.ladsp.com/	1970-01-20 03:11:19	Name: cr Value: 1
.admatrix.jp/	1970-01-21 03:11:15	Name: uid Value: 3c469ce8-2d7c-46f0-93f0-e49cb8a82055
.ladsp.com/	1970-01-20 20:42:27	Name: smn_uid Value: IY24CBBRpM_Az4HMcwhEBQ7C81i5IJo
.popin.cc/	1970-01-20 20:42:27	Name: piuid Value: fb84c83222e34fc59abf11944fac5c20
.popin.cc/	1970-01-20 04:37:39	Name: p_fluct Value: bd2e0bf6b71542fb614b58113e81df78
.pubmatic.com/	1970-01-20 03:54:27	Name: KRTBCOOKIE_629 Value: 11487-AYXbr6nlWFpKks8ADsLzWLkgms8AAAGA4v8x8A
.pubmatic.com/	1970-01-20 03:54:27	Name: KRTBCOOKIE_377 Value: 6810-5c33c685-8d9b-4a16-9aef-4f3066e3a88d&KRTB&22918-5c33c685-8d9b-4a16-9aef-4f3066e3a88d&KRTB&23031-5c33c685-8d9b-4a16-9aef-4f3066e3a88d
.bidswitch.net/	1970-01-20 11:56:51	Name: c Value: 1653075816
.bidswitch.net/	1970-01-20 11:56:51	Name: tuuid_lu Value: 1653075816
.bidswitch.net/	1970-01-20 11:56:51	Name: tuuid Value: 4c57029c-9957-4ff1-83f1-f0ff17b38e45
.ladsp.com/	1970-01-20 20:42:27	Name: lum Value: CPvj_JeOMBIFCBQQ0AUSBQgKEJAN
.adingo.jp/	1970-01-20 03:54:27	Name: logicad Value: AYXbr6nlWFpKks8ADsLzWLkgms8AAAGA4v8yDw
.pubmatic.com/	1970-01-20 03:54:27	Name: KRTBCOOKIE_943 Value: 19522-2w3u91dYnty
.adingo.jp/	1970-01-20 03:54:27	Name: fbit Value: o7GE-9sHqo9-Q
.mookie1.com/	1970-01-20 12:40:03	Name: id Value: 10524771593900464025
.mookie1.com/	1970-01-20 12:40:03	Name: mdata Value: 1\|10524771593900464025\|1653075816995
.mookie1.com/	1970-01-20 12:40:03	Name: ov Value: 5169c16fd141b8316d6ee7d72b249ca6
.pubmatic.com/	1970-01-20 03:54:27	Name: KRTBCOOKIE_80 Value: 22987-CAESEIQJAggRGL86PCJ2JkMIcRE&KRTB&16514-CAESEIQJAggRGL86PCJ2JkMIcRE&KRTB&23025-CAESEIQJAggRGL86PCJ2JkMIcRE
.mathtag.com/	1970-01-20 12:37:11	Name: uuid Value: b8006287-ef69-4400-9381-a9cfbd985022
.pubmatic.com/	1970-01-20 03:54:27	Name: KRTBCOOKIE_27 Value: 16735-uid:b8006287-ef69-4400-9381-a9cfbd985022&KRTB&16736-uid:b8006287-ef69-4400-9381-a9cfbd985022&KRTB&23019-uid:b8006287-ef69-4400-9381-a9cfbd985022&KRTB&23208-uid:b8006287-ef69-4400-9381-a9cfbd985022
.send.microad.jp/	1970-01-20 03:21:20	Name: ASR_20 Value: 1
.adingo.jp/	1970-01-20 03:54:27	Name: universe Value: G-hSg49WN7Y1m8vjHEseIiLGwDSYdBQl3G8zNV-HRUDa3Ubv7SI_Kw
.adform.net/	1970-01-20 03:55:54	Name: C Value: 1
.bigmining.com/	1970-01-20 11:56:51	Name: bigminingusr Value: rB8IUmKH72kV2wf/w44KAg==
.yahoo.com/	1970-01-20 11:57:13	Name: A3 Value: d=AQABBGnvh2ICEAie5yWkMNHOexIf09Fcnm0FEgEBAQFAiWKRYgAAAAAA_eMAAA&S=AQAAAuww501MvnQlUeueCoM-Vik
.adform.net/	1970-01-20 04:37:39	Name: uid Value: 316937144418363931
.adnxs.com/	1970-01-20 05:20:51	Name: uuid2 Value: 3834589878498567173
.pubmatic.com/	1970-01-20 03:54:27	Name: KRTBCOOKIE_391 Value: 22924-316937144418363931&KRTB&23263-316937144418363931
.gammaplatform.com/	1970-01-20 20:42:27	Name: _aCMR_6 Value: 5
.gammaplatform.com/	1970-01-20 03:12:42	Name: _aGeoIp Value: IN\|Mumbai
.gammaplatform.com/	1970-01-20 20:42:27	Name: _aUID Value: eia8lnae3wvu
.pubmatic.com/	1970-01-20 03:54:27	Name: KRTBCOOKIE_466 Value: 16530-4c57029c-9957-4ff1-83f1-f0ff17b38e45
.simpli.fi/	1970-01-20 11:58:18	Name: suid Value: F764832A9EC24F2397E94CC885E86A7D
.crwdcntrl.net/	1970-01-20 09:40:01	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 09:40:01	Name: _cc_id Value: 2273f9a0fdaed74707c0648f8f99dbcc
.fout.jp/	1970-01-20 20:43:54	Name: uid Value: yCiSxAyyvKo8cGRv0Xb_7VRwjhU
.pubmatic.com/	1970-01-20 03:54:27	Name: KRTBCOOKIE_57 Value: 22776-3834589878498567173&KRTB&23339-3834589878498567173
.pubmatic.com/	1970-01-20 03:54:27	Name: PugT Value: 1653047712
.semasio.net/	1970-01-20 11:56:51	Name: SEUNCY Value: CA71C59B1E2AE7A
.send.microad.jp/	1970-01-20 03:21:20	Name: ASR_19 Value: 1
.send.microad.jp/	1970-01-20 03:21:20	Name: ASR_33 Value: 1
.pendrawing.work/	1970-01-20 12:32:51	Name: __gads Value: ID=7e8c22e567f60f02-22d29c9655d300ea:T=1653075816:S=ALNI_MZ8fpAhu28jaE5jiOCIhPDX-5tNMg
.pendrawing.work/	1970-01-20 12:32:51	Name: __gpi Value: UID=0000059b5077683e:T=1653075816:RT=1653075816:S=ALNI_ManXJNyv6AqpiZ3DqF-MxThD3wRYg
.media.net/	1970-01-20 11:56:51	Name: visitor-id Value: 2960774176453652000V10
.media.net/	1970-01-20 11:56:51	Name: data-mic Value: zYyeXTIU9f6t23lepCbHbuudXj1Vs0RWxnfjShIoViFbu_dFsT-HEA~~3
.adingo.jp/	1970-01-20 03:54:27	Name: fout Value: yCiSxAyyvKo8cGRv0Xb_7VRwjhU
.adsrvr.org/	1970-01-20 11:56:51	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwiIg7iJ4qjdOhAFEhYKB3J1Ymljb24SCwj4xO-Q4qjdOhAFGAEgAygCMgsIgoe7tvio3ToQBTgBWgdkajBwamprYAI.
.send.microad.jp/	1970-01-20 03:31:25	Name: ASR-g Value: 1
.rlcdn.com/	1970-01-20 11:56:51	Name: rlas3 Value: +kwau4xqfMy3eYxAVhhnqOo34SzZG1gLi+c8bf5/Ul4=
.rlcdn.com/	1970-01-20 04:37:39	Name: pxrc Value: CAA=
.criteo.com/	1970-01-20 12:32:51	Name: uid Value: 8a2a9094-442b-4e9e-9c00-e7fafa1fa308
.rubiconproject.com/	1970-01-20 11:56:51	Name: khaos Value: L3EUNS8P-18-8P1Q
.send.microad.jp/	1970-01-20 03:21:20	Name: ASR_30 Value: 1
.advertising.com/	1970-01-20 11:58:18	Name: APID Value: UP24d848f1-d875-11ec-970b-0a3913709c99
.analytics.yahoo.com/	1970-01-20 11:56:51	Name: IDSYNC Value: "18z8~24zv:191k~24zv"
.amazon-adsystem.com/	1970-01-22 00:01:11	Name: ad-privacy Value: 0
.rubiconproject.com/	1970-01-20 11:56:51	Name: audit Value: 1\|EznSO8RHRuHh9HLbuL81ihOsXDMUSbq4CyjNEWDOO4irLKOqscwnxsxprhDiveCurXy7grs7Wq/qFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.amazon-adsystem.com/	1970-01-20 08:36:42	Name: ad-id Value: AwNF5iysN0QbujXizlIh0Ao
.pubmatic.com/	1970-01-20 03:54:27	Name: SPugT Value: 1653063348

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ad.ad-stir.com/ad?app_id=MEDIA-f9d91b43&ad_spot_no=5&locale=en&ut=1653075816862&topframe=0&origin=http%3A%2F%2Fmix.pendrawing.work%2F&sw=1600&sh=1200&dpr=1&novideo=0&topurl=1&adstir_media_uid=228e5881-d8d6-42c7-95ff-62e8e90a5a52&adstir_optout=1&callback=AdstirCB5330946242A4873777922 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ad.ad-stir.com/ad?app_id=MEDIA-f9d91b43&ad_spot_no=3&locale=en&ut=1653075817180&topframe=0&origin=http%3A%2F%2Fmix.pendrawing.work%2F&sw=1600&sh=1200&dpr=1&novideo=0&topurl=1&adstir_media_uid=228e5881-d8d6-42c7-95ff-62e8e90a5a52&adstir_optout=0&callback=AdstirCB8314563585A9262455229 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ad.ad-stir.com/ad?app_id=MEDIA-f9d91b43&ad_spot_no=4&locale=en&ut=1653075817531&topframe=0&origin=http%3A%2F%2Fmix.pendrawing.work%2F&sw=1600&sh=1200&dpr=1&novideo=0&topurl=1&adstir_media_uid=228e5881-d8d6-42c7-95ff-62e8e90a5a52&adstir_optout=0&callback=AdstirCB1469320314A313637569 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ad.ad-stir.com/ad?app_id=MEDIA-f9d91b43&ad_spot_no=1&locale=en&ut=1653075817553&topframe=0&origin=http%3A%2F%2Fmix.pendrawing.work%2F&sw=1600&sh=1200&dpr=1&novideo=0&topurl=1&adstir_media_uid=228e5881-d8d6-42c7-95ff-62e8e90a5a52&adstir_optout=0&callback=AdstirCB5964727848A5411709800 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ad.ad-stir.com/ad?app_id=MEDIA-f9d91b43&ad_spot_no=8&locale=en&ut=1653075818004&topframe=0&origin=http%3A%2F%2Fmix.pendrawing.work%2F&sw=1600&sh=1200&dpr=1&novideo=0&topurl=1&adstir_media_uid=228e5881-d8d6-42c7-95ff-62e8e90a5a52&adstir_optout=0&callback=AdstirCB398558728A5505362795 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ad.ad-stir.com/ad?app_id=MEDIA-f9d91b43&ad_spot_no=7&locale=en&ut=1653075818168&topframe=0&origin=http%3A%2F%2Fmix.pendrawing.work%2F&sw=1600&sh=1200&dpr=1&novideo=0&topurl=1&adstir_media_uid=228e5881-d8d6-42c7-95ff-62e8e90a5a52&adstir_optout=0&callback=AdstirCB4094823303A6046681503 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ad.ad-stir.com/ad?app_id=MEDIA-f9d91b43&ad_spot_no=2&locale=en&ut=1653075818161&topframe=0&origin=http%3A%2F%2Fmix.pendrawing.work%2F&sw=1600&sh=1200&dpr=1&novideo=0&topurl=1&adstir_media_uid=228e5881-d8d6-42c7-95ff-62e8e90a5a52&adstir_optout=0&callback=AdstirCB9220385903A7418352588 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ad.ad-stir.com/ad?app_id=MEDIA-f9d91b43&ad_spot_no=6&locale=en&ut=1653075818481&topframe=0&origin=http%3A%2F%2Fmix.pendrawing.work%2F&sw=1600&sh=1200&dpr=1&novideo=0&topurl=1&adstir_media_uid=228e5881-d8d6-42c7-95ff-62e8e90a5a52&adstir_optout=0&callback=AdstirCB4122872888A7745857436 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ad.ad-stir.com/ad?app_id=MEDIA-f9d91b43&ad_spot_no=9&locale=en&ut=1653075818566&topframe=0&origin=http%3A%2F%2Fmix.pendrawing.work%2F&sw=1600&sh=1200&dpr=1&novideo=0&topurl=1&adstir_media_uid=228e5881-d8d6-42c7-95ff-62e8e90a5a52&adstir_optout=0&callback=AdstirCB3000414808A6420548601 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ad.ad-stir.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.co.jp
adservice.google.com
aid.send.microad.jp
api.primecaster.net
aud.adjust-net.jp
bid.socdm.com
bigmining.com
bypass.ad-stir.com
c1.adform.net
cache.send.microad.jp
cdn-fluct.sh.adingo.jp
cm-supply-web.gammaplatform.com
cm.g.doubleclick.net
code.jquery.com
cr-p10.ladsp.jp
cr-p20.ladsp.com
cr-pall.ladsp.com
cs.adingo.jp
dis.criteo.com
discoveryplus.popin.cc
ds.uncn.jp
eus.rubiconproject.com
f7bbcc7f11035f8e667ee7fc840ea556.safeframe.googlesyndication.com
gum.criteo.com
hbx.media.net
i.adingo.jp
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
j.microad.net
js.ad-stir.com
match.adsrvr.org
mix.pendrawing.work
odr.mookie1.com
pagead2.googlesyndication.com
pixel-apac.rubiconproject.com
pixel.advertising.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
s-cs.send.microad.jp
s-rtb.send.microad.jp
s.amazon-adsystem.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
sh.adingo.jp
simage2.pubmatic.com
simage4.pubmatic.com
ssp.send.microad.jp
sync-dsp.ad-m.asia
sync-tapi.admatrix.jp
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.fout.jp
sync.mathtag.com
sync.search.spotxchange.com
tg.socdm.com
token.rubiconproject.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
wtag.estlier.net
www.googletagservices.com
x.bidswitch.net
sync-tm.everesttech.net
103.229.206.241
103.231.99.243
103.231.99.80
103.231.99.81
103.43.90.117
103.71.26.126
104.71.157.62
119.63.198.176
119.9.108.180
124.146.215.6
13.113.134.169
13.213.158.231
13.225.173.36
13.230.12.163
13.33.174.20
130.211.14.194
133.167.7.2
14.0.42.24
142.250.196.130
142.251.42.130
153.120.99.232
161.202.200.115
18.177.59.67
18.178.22.21
18.180.182.210
182.161.74.16
185.84.60.21
2001:4de0:ac18::1:a:2a
202.131.200.82
202.131.200.84
202.232.238.37
202.233.84.1
202.233.84.16
202.233.84.3
202.233.84.8
202.241.208.55
209.54.180.3
23.10.15.201
23.36.110.226
23.40.192.26
23.44.52.240
2404:6800:4004:810::2002
2404:6800:4004:813::2002
2404:6800:4004:821::2002
2404:6800:4004:825::2002
2404:6800:4004:826::2001
2406:2000:a4:9fe::
2406:2600:4::b
2406:da18:929:5a01:a378:6e6:f85f:9802
3.114.252.10
35.190.60.146
35.213.12.39
35.227.202.26
35.71.131.137
52.193.147.183
52.220.229.2
52.95.126.138
54.199.239.233
54.248.187.209
54.64.59.131
54.92.2.218
69.173.158.64
8.39.36.141
99.84.128.29
03bb35449be6e7e53855fdb37a001c8c091847b7b061987417d09bebe029abd7
041053bf14801c188b712d537f46f6a8e941d34e45d470f054502bd319db898b
0a6aafbf2ea4a5963d1b882cdff82d32a80611af3603ef779f8bf1ab729c80c2
0b086d65e6f1d5424428e48228fd74ec244929488a87e7b1646c73c57ad7308e
0b30019c663068e6845f057b55eeecd1d2c697017b2fa8b5a6b93cb170f4a690
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
109ae4384e7db8d85b98b24a4fc0ec9819103c62ab5f685bbc588c6b6ba8e9d7
13ef096aae58660e365533a6490cbe9d73ae660188895dca8740d8efbdecbff7
156657a90d166e5563662d521fb308ed88795606b07ff65e470997972d046413
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1fde5e99d59e52df6f9d85e8384617aa3e241dd0dcd03b507dfefdb1867f20ea
20bab72b343061f05a69bac03da39a8dfe73c31c56a98f086e8e4d8244dd2cee
2156308e1b8b2bf5848d31bb935b167949dbe7af97c41ed5656860977b2db149
216df0e62f1e5923429bb55437382cc6a85f3f4d28ba67d752c3c83944dc5992
2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2
262bd4573bb79ab0216a3b5c53a4a0d079ff4678a2630db7587dbf5c2d7cd9a1
2e8d297b39512ecc1b22d408ccf8d598fd17d949cbce54654dac395d015034ce
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32feae9d58ed5c88f71a3e5e18d23378b591acc7b212bce6f670559d842ff5e2
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
3895a88a95b48e50141c8863c7f86a0cff82640b7b1614a4108f135daa2b8482
395a7c8dfe5b5f1ee5c88de671253b86a71f910a28f770561f66bb1cbeb2738a
39f2275846d996631d61c6e08dba5b20ba5affb268183ea36dc9e7d546d17b20
3ac41f480e85e13ff84150d135f7cd0ff080ec57cad7a640a08b4c610580a496
3b3cb31cf5bc15449c9ec85ceae9935a58ce84bd187a9597ad7cbb75c23ba704
3b8619b62c3655d956641cbeaae480ca70ed8c947821fab3f21746ed4eedfe3b
3bd4eb2ece0fe98f279a14bb2b61ecbbcd501a598b50f1f8b211f76ecd420996
3ea41b841eeb7150c95623bda77d75181d17f5c673e4240067ffabedf9678b8c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
435b49d0a7cb76c9bc8893309b67ddd6d5eb91262fe6069d154dd699016fbb8d
4452ba12fe11a0afa4ff55f886b012b909cadc0ab99fb7b31adc11d420e97785
44660955a93d08acd03010ade61cd4f5b1971bc2eea034b252074ac55d33e542
46fcdd810f405b3fdcba6dcc947de0d88acea89412c8aa4ec1bc1a3ce19c7cb2
47342c25d46323a0f13f52332c19d17dda38a011a3b0a05d4bc6c0b8b9da56a5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c0dd126e362c61d651c1c4f39b35a46ea402fabb248c03cb3ffb374c9ef1ff
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4baf2d07feacb7fa5a575a7ca13f20f150e725395bbc8fd8e0c76a71229ec027
4d6455d30d6a50db59df691a9d4f537b126f5488b5f9aea727fe584bcc4d71fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
552ee7405389d52857edc1aed6d812aacb5af7e66ef18993e963e4c02ee6ed9d
574f6dd6662043cb8cb856d2ac83540cf7afbdbcd0fabcb484d757e6e1ce82b3
59219f44e2e1706a46b43b6f9406b18b49c8608be327d01778620203c586854a
5ab9c2d4cc8f1444ee40054cd67357983e1c28bd0a22cc8042d1b9b79d90edf6
5dec906462b7b8ad08ad6493e29f42edb89f9128793434181f0b6b8a53383a9c
60c2d98b70bf6e1f56248183287752cc2ba28808f4fc0b45d81d7f01ce39df9d
6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839
66c24a1d73102e95832c984d192e83cc84f3a0fa9125171a540b2504c53ab2db
67a288d2fb8b4a78e9f91ac03ad4d2f29db46c628285fa649b946fcf50bed5e3
695919a63165ef92b07233246eb53434087dfe83c86a6e84627ee86a15689fc5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f07d6260d39c7ae6cccc3a0a338ebc2f80879baebba409b9aaf84418a6426e3
706f546745b40e0b4186ebaf64d01c353d54a6305f669445ebb81e36dea94f55
715fc8166b662355264c65cde74c9c2b8d98d3979e31891d95f942bd691e6494
79e7de4fde92aa24edd615629d131e301c408e5ddd780cab378b2beb44e0f420
7bdd36ecd3c9ab8a6a09074adfd27cb4422f6f128b95009440b7e52a1cfdff44
7d9ed266bfc4cba3c678057ed83cd867bc8911c39732a3959e3248db00b74c4c
7f16caa3fe51afab00322e65195792d454d3ee3283747f2cc4061a50d5f03949
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
84a0b566c30bbae1ab0a74abd082817fc38b3a4552e18e0009592868dca5089c
938e136d8d97403153c834ef944084b0c229935d148ef28704c5d713750f22e5
94f36b60ffa01cf673284849dc3558bc77f69ade38897f6b9d88d831e803bf7e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f9092ce03100cb71e0db05384f2f673c9c074b62265b59de3306c0ae7235835
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a43720005064626c3b8d2b80172d524b7b3be9e0655acff3310deece21944a9f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a95ee2e0d39c50f3fea0f2f98b906e20751d0ced65bd23660edd99087c6429ed
aa2a0f74b09e1faed0e0de17fca993ca637a7737914f2ebe92ae726c502b05a8
ab4c8a23da2dfb536d92bdd3a3ae700366616940aa8a4ac3452700db43cc3360
afb4895708b7ace5b1431f025508b030af5b4b23a133058744a94de67eeb7c70
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
affd70cd314405fd60a64b173fe1fe3f553821e07e4a135e1e88ac710b9d7d08
b0b240f0b594f26afc14c273442a73b8b05473b3e03c5194b1494804a24fed45
b0b31ec672542df89dbbeaf148beb7a97e1272de59a41d754394c6ec209e1ec5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5b251926f2de2a103761d5e5233d01f07a32c00545bffc4379ee1bc918a116b
b698bcaa1028cb79019d39cc5f602fc06273dd2fe09bef2b0c30a158b1fe368f
b7164022757cc99fc819165b6c3505a988830dfb7ba9a9b21a0e4ee16e4c4997
be4914b89b0eb4957b9d50fff1753e0b51007ad111fb3a4262a30fc119d111af
bf0a31b01d57a3e8d3b2543dabff29e0829f2d44d253336891376172940852c5
bf2c1fe66bac94f021438d050e6953fc3e2ecf17769c629378343ccbbb928869
c0b3e0e2c1a81724d168b96de09104ed41d12015941e3e5b414c24ebb30dbfe5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d46dd0cef295be11326c8c53893eb11202adde943a6ed2868f9be9a5f32046
c3bab36ea303789930b21c562b4e41fa93e63189813d1e8b2e8f1281af45f579
cc39e377fbff0ed82d8889ef8174b724ae80eab5c738d59b3712b10a03c2e0b5
ce929277cc781d152acdc7b2ac0be8afa45cb6a227e2a6b369cf910650b8d405
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0c12ad9e6d719365d4f311fb5a4a0dc25d5d6a201fda30cf963dd64ebce1d0b
d72e28d7a45f8920c009c7687b0b3cfff277782f447ef9fa1773259c130b64de
d793137f72c57a1432b09407e88a242b6571cb1b5e29690966d184b890ac17c0
d7c9529ec19223478d47d52e7610b45b9cc2c7dfa3b09019b0b35de527f46e38
d88751f8b991a5633a4756d7e6fa88aadef1c4c8f81c012b8fe75a2cddf9e5e4
db93b2ba578c567e3795945d34ac943b2205075376cda840b003176f9ad4e8cc
dcd9a3e3ab37c0a2cda2ccd924b20287dc9a904557241152ef25a96d08c8ab33
e000a2e3728f7fb61c797b13852337d97b6cab5fee257b739ec44a6481bc0a8b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a03c84266e33eb4bd36c94f93eb0154dc6db80a6b9346e56c901cb53e177f0
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e654ab4838bc0825c49012ef7f1204c5e4015cbe5f1de4b3a41a0747129e2ca4
e7de21dc8608e8f8014f08d39ae0650fbf1a555dbbc7748d8aa7a86863cafb93
e83811d10620438cc380d5dfe42441f1e27ed2609fc04c592b35d078b773d55e
e99260fed4d99c6f0ab060fefa6047a352b5a4a2859e0ad29daeca5637a17ef6
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f146d1b4cf943e122348d9d6f689f4a3072fe7167dbcccad614316f5f9bd36fa
f48f05edd87baa4c4c60e77afc800d9b8fe03f50c7eabab30766e979c9900bd6
f5bf9d072bf7b06a3c97749fc66b1062367e57ca21b963242ed0d68ac3f542c5
f82eeb7d741fcdd22be2f05939c7196ba620b539243541c6a56ab6cd62462613
f9c9561233a15b74e905eaa28dc038cea8de22266634173bd1b84d12fb34bf77
fe8657e3194b70101aa7becfdc36e9161a907a58ac13716a75090c746000cc05
feedf912c78909d93d37627ad74441bbe5f87c354e31b595523c2b0bb434685a

mix.pendrawing.work Open in urlscan Pro 153.120.99.232 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

295 Requests

62 %HTTPS

14 %IPv6

43 Domains

69 Subdomains

48 IPs

9 Countries

1682 kBTransfer

4825 kBSize

88 Cookies

0 Outgoing links

Redirected requests

295 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mix.pendrawing.work Open in urlscan Pro
153.120.99.232 Public Scan

Screenshot
Live screenshot

Full Image

295
Requests

62 %
HTTPS

14 %
IPv6

43
Domains

69
Subdomains

48
IPs

9
Countries

1682 kB
Transfer

4825 kB
Size

88
Cookies

295 HTTP transactions
0 data transactions