URL: http://xfs.jp/4EARMf?
Submission: On March 04 via manual from US

Summary

This website contacted 17 IPs in 3 countries across 13 domains to perform 77 HTTP transactions. The main IP is 124.32.142.99, located in Hachioji, Japan and belongs to UCOM UCOM Corp., JP. The main domain is xfs.jp.
This is the only time xfs.jp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 124.32.142.99 17506 (UCOM UCOM...)
26 124.32.142.103 17506 (UCOM UCOM...)
3 124.32.142.98 17506 (UCOM UCOM...)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 39.110.234.238 2527 (SO-NET So...)
6 172.217.22.2 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
3 3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
77 17
Domain Requested by
26 sakura1.firestorage.jp xfs.jp
cdn.ampproject.org
9 cdn.ampproject.org securepubads.g.doubleclick.net
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
xfs.jp
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
xfs.jp
6 pagead2.googlesyndication.com xfs.jp
pagead2.googlesyndication.com
6 xfs.jp xfs.jp
4 googleads.g.doubleclick.net xfs.jp
pagead2.googlesyndication.com
3 www.google.com 3 redirects
2 amp-error-reporting.appspot.com cdn.ampproject.org
2 fonts.gstatic.com www.googletagservices.com
2 www.google-analytics.com 1 redirects xfs.jp
2 www.googletagservices.com xfs.jp
securepubads.g.doubleclick.net
1 www.google.de xfs.jp
1 stats.g.doubleclick.net 1 redirects
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 adservice.google.de www.googletagservices.com
1 images.firestorage.jp xfs.jp
1 ad.image.firestorage.jp xfs.jp
1 images.firews.com xfs.jp
1 ad.firestorage.jp xfs.jp
77 20
Subject | Issuer | Validity | Valid
*.firews.com | RapidSSL RSA CA 2018 | 2018-03-13 - 2019-04-12 | a year
*.g.doubleclick.net | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.google.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
misc-sni.google.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
tpc.googlesyndication.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.googleapis.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.google-analytics.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
www.google.de | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.appspot.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months

This page contains 6 frames:

Primary Page: http://xfs.jp/4EARMf?
Frame ID: 120584B7DE46A245D2B598B5BA8FA923
Requests: 50 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Frame ID: 221A37FFEA2743E866164A1B81F32DFC
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Frame ID: A4A98DAAC1844CBA9A20FA1B204BBAB5
Requests: 14 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20190227/r20190131/show_ads_impl.js
Frame ID: 2B3099DD8044670362804469BDE59593
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190227/r20190131/zrt_lookup.html
Frame ID: 0AD6EA1434458D84B7953C3D04D62418
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8432763221888476&output=html&h=600&slotname=9450298085&adk=1424688035&adf=1541513980&w=300&lmt=1551665090&guci=1.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fxfs.jp%2F4EARMf%3F&flash=0&wgl=1&adsid=NT&dt=1551665090108&bpp=14&bdt=1695&fdt=86&idt=84&shv=r20190227&cbv=r20190131&saldr=aa&abxe=1&correlator=3043375695653&frm=20&pv=2&ga_vid=162867941.1551665090&ga_sid=1551665090&ga_hid=1385961482&ga_fc=0&iag=0&icsg=570469034&dssz=21&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1022&ady=144&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21063245%2C20040011&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=3&uci=3.3atj6g541jeg&fsb=1&xpc=lkNFxwKkKS&p=http%3A//xfs.jp&dtd=100
Frame ID: FEA4B5145F4285604988597BAFD6D670
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^googletag$/i

Page Statistics

Requests: 77
HTTPS: 47 %
IPv6: 72 %
Domains: 13
Subdomains: 20
IPs: 17
Countries: 3
Transfer: 720 kB
Size: 2087 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • http://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 64
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 69
  • http://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 73
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1805238920&utmhn=xfs.jp&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E7%84%A1%E6%96%99%E7%9F%AD%E7%B8%AEURL%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9%20xfs.jp&utmhid=1385961482&utmr=-&utmp=%2F4EARMf&utmht=1551665090234&utmac=UA-1007914-23&utmcc=__utma%3D83060959.162867941.1551665090.1551665090.1551665090.1%3B%2B__utmz%3D83060959.1551665090.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=225774083&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1805238920&utmhn=xfs.jp&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E7%84%A1%E6%96%99%E7%9F%AD%E7%B8%AEURL%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9%20xfs.jp&utmhid=1385961482&utmr=-&utmp=%2F4EARMf&utmht=1551665090234&utmac=UA-1007914-23&utmcc=__utma%3D83060959.162867941.1551665090.1551665090.1551665090.1%3B%2B__utmz%3D83060959.1551665090.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=225774083&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1007914-23&cid=162867941.1551665090&jid=225774083&_v=5.7.2&z=1805238920 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1007914-23&cid=162867941.1551665090&jid=225774083&_v=5.7.2&z=1805238920 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1007914-23&cid=162867941.1551665090&jid=225774083&_v=5.7.2&z=1805238920&slf_rd=1&random=227945170

77 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 4EARMf?
xfs.jp/
11 KB
11 KB
Document
General
Full URL
http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Server
124.32.142.99 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x99.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
3a7ec7d7e449a3a026aaec4b3c2a11a41945ab5cd1610807a0009a0708501064

Request headers

Host
xfs.jp
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Mon, 04 Mar 2019 02:04:48 GMT
Content-Type
text/html
Content-Length
10997
Connection
keep-alive
reset.css
xfs.jp/css/
743 B
971 B
Stylesheet
General
Full URL
http://xfs.jp/css/reset.css
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Server
124.32.142.99 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x99.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
c8f6ecee3f1aa1ba15959eb53ba8f0dc67ea1c835b3a51e1636929de0c788dd5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xfs.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://xfs.jp/4EARMf?
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 04 Mar 2019 02:04:48 GMT
Last-Modified
Thu, 30 May 2013 03:23:20 GMT
Server
nginx
ETag
"2690196127"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
743
basic_xfs.css
xfs.jp/css/
30 KB
30 KB
Stylesheet
General
Full URL
http://xfs.jp/css/basic_xfs.css
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Server
124.32.142.99 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x99.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
ea3a8b1be5b700801f28907c24d199e36cb48c4901417493ffa9cf727a6c1311

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xfs.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://xfs.jp/4EARMf?
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 04 Mar 2019 02:04:48 GMT
Last-Modified
Thu, 30 May 2013 05:40:32 GMT
Server
nginx
ETag
"3109191060"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30872
style_xfs.css
xfs.jp/css/
18 KB
18 KB
Stylesheet
General
Full URL
http://xfs.jp/css/style_xfs.css
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Server
124.32.142.99 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x99.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
654c18891a34dcd275d189c10cdd83c0d00356a7f23a28cb12284e5947d62273

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xfs.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://xfs.jp/4EARMf?
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 04 Mar 2019 02:04:48 GMT
Last-Modified
Mon, 21 Nov 2016 02:34:02 GMT
Server
nginx
ETag
"4231718475"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18202
xfs.css
xfs.jp/css/
1 KB
1 KB
Stylesheet
General
Full URL
http://xfs.jp/css/xfs.css
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Server
124.32.142.99 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x99.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
e1008c851a8e5629fb6019c6212e64b2e085478b3417328948a20406f32f9b53

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xfs.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://xfs.jp/4EARMf?
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 04 Mar 2019 02:04:49 GMT
Last-Modified
Fri, 14 Jun 2013 04:41:22 GMT
Server
nginx
ETag
"515225805"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1049
main.js
sakura1.firestorage.jp/js/
18 KB
18 KB
Script
General
Full URL
http://sakura1.firestorage.jp/js/main.js
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
346d2a9b8ce8ba23f0485aa1e48e28026efa17913e34da4a4badce805b633465

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:49 GMT
Last-Modified
Fri, 18 Sep 2015 05:20:15 GMT
Server
nginx
ETag
"55fb9f0f-4757"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18263
swfTagWriter.js
sakura1.firestorage.jp/js/
12 KB
12 KB
Script
General
Full URL
http://sakura1.firestorage.jp/js/swfTagWriter.js
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
4c29cb5989fb01303e3659cf7bff4cc6daa8818550b0e5678d2726e44efa3636

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:49 GMT
Last-Modified
Mon, 01 May 2006 10:02:58 GMT
Server
nginx
ETag
"4455dcd2-3056"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12374
ad.cgi?ip=65&type=8
ad.firestorage.jp/
273 B
527 B
Script
General
Full URL
http://ad.firestorage.jp/ad.cgi?ip=65&type=8
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Server
124.32.142.98 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x98.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
7064a5e5fd39f6c7f7aaa1160a829cee46c5c3a6f799aabb3e2f58c7a6e372a3

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Mar 2019 02:04:49 GMT
Server
nginx
Content-Type
application/x-javascript; charset=UTF-8
Cache-Control
no-cache
Connection
keep-alive
Content-Length
273
Expires
Thu, 01 Dec 1994 16:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/
33 KB
11 KB
Script
General
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
541a7112cf1fcc0a91bd7069b1b30827f82d7d8515f0aa8f2778ef8bf0c3a635
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"97 / 948 of 1000 / last-modified: 1551500459"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin
*
Content-Length
10827
X-XSS-Protection
1; mode=block
Expires
Mon, 04 Mar 2019 02:04:48 GMT
stopbig.gif
sakura1.firestorage.jp/images/
6 KB
6 KB
Image
General
Full URL
http://sakura1.firestorage.jp/images/stopbig.gif
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
31e7867546b07593b6198d955a4e391868f073486a149232525a8602aafa7416

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:49 GMT
Last-Modified
Fri, 18 Dec 2009 03:20:10 GMT
Server
nginx
ETag
"4b2af4ea-1655"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5717
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
81 KB
31 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6f56b9f29500f8ff901335d4212132fd82955edecd64f1467aa8138dfdf9e24c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
10605269343677189053
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
30944
X-XSS-Protection
1; mode=block
Expires
Mon, 04 Mar 2019 02:04:48 GMT
fd_foot_win.png
images.firews.com/images/ad/
19 KB
19 KB
Image
General
Full URL
https://images.firews.com/images/ad/fd_foot_win.png
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
39.110.234.238 Tokyo, Japan, ASN2527 (SO-NET So-net Entertainment Corporation, JP),
Reverse DNS
ip276eeaee.ap.nuro.jp
Software
nginx /
Resource Hash
e1f2c14eab90d3813bbe610df5a29e0f671ef82e5efd0fd92c016078d1de9299

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:49 GMT
Last-Modified
Fri, 12 Jan 2018 03:05:38 GMT
Server
nginx
ETag
"5a582602-4bcc"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
19404
ft1.gif
sakura1.firestorage.jp/images/footer/
769 B
1000 B
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer/ft1.gif
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
9f4a2d51bd288fff6dd39e849b9c5665e47ce8983d310582f5b39385c1a56f66

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:49 GMT
Last-Modified
Thu, 16 Jun 2011 02:54:24 GMT
Server
nginx
ETag
"4df97060-301"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
769
ft2.gif
sakura1.firestorage.jp/images/footer/
1 KB
2 KB
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer/ft2.gif
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
fd51fb8e1a32cf78b43d31ff13ff606b24810385e204b68a2231c0da39da7f4e

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:49 GMT
Last-Modified
Thu, 16 Jun 2011 02:54:25 GMT
Server
nginx
ETag
"4df97061-556"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1366
ft3.gif
sakura1.firestorage.jp/images/footer/
342 B
573 B
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer/ft3.gif
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
f084c720b37221d4d1f26368fb87b7066bfbdaa262c6faf08bd625af1736a10f

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:49 GMT
Last-Modified
Thu, 16 Jun 2011 02:54:25 GMT
Server
nginx
ETag
"4df97061-156"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
342
ft4.gif
sakura1.firestorage.jp/images/footer/
217 B
447 B
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer/ft4.gif
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
b7ff59d085085eff158b2be2fa36f0c10436d7169f8c911e9bfbad520d58c36b

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:49 GMT
Last-Modified
Thu, 16 Jun 2011 02:54:25 GMT
Server
nginx
ETag
"4df97061-d9"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
217
btn_japan_lang.jpg
sakura1.firestorage.jp/images/footer/
12 KB
13 KB
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer/btn_japan_lang.jpg
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
02785f325f76d2ebce6c9ae623d0f3559f5fe80717a81072ac6465f86f9c73fa

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:49 GMT
Last-Modified
Tue, 09 Aug 2016 01:44:07 GMT
Server
nginx
ETag
"57a93567-3160"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12640
65.gif
ad.image.firestorage.jp/adimage/201802/
38 KB
39 KB
Image
General
Full URL
http://ad.image.firestorage.jp/adimage/201802/65.gif
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Server
124.32.142.98 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x98.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
2901a690310c4d6176e652ed2908b7355e609918ebacf40f20b5754242c8c92a

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Last-Modified
Tue, 06 Feb 2018 06:40:03 GMT
Server
nginx
ETag
"5a794dc3-9967"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39271
1x1.gif?65_8
images.firestorage.jp/images/
43 B
272 B
Image
General
Full URL
http://images.firestorage.jp/images/1x1.gif?65_8
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Server
124.32.142.98 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x98.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Last-Modified
Mon, 04 Feb 2013 05:43:56 GMT
Server
nginx
ETag
"510f4a9c-2b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
xfs_header.jpg
sakura1.firestorage.jp/images/
353 B
585 B
Image
General
Full URL
http://sakura1.firestorage.jp/images/xfs_header.jpg
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
45155716d3cad3933386577790f4af18f0b59d24be903703424276378f6a6de3

Request headers

Referer
http://xfs.jp/css/style_xfs.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:49 GMT
Last-Modified
Thu, 30 May 2013 05:45:03 GMT
Server
nginx
ETag
"51a6e75f-161"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
353
logo_xfs.gif
xfs.jp/images/
2 KB
2 KB
Image
General
Full URL
http://xfs.jp/images/logo_xfs.gif
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
HTTP/1.1
Server
124.32.142.99 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x99.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
c86212a6c6adc55a193703cb5db999109d58974048d68ab6391dac317fcafb98

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xfs.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://xfs.jp/css/basic_xfs.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 04 Mar 2019 02:04:49 GMT
Last-Modified
Thu, 30 May 2013 05:39:25 GMT
Server
nginx
ETag
"2535706098"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2165
pubads_impl_313.js
securepubads.g.doubleclick.net/gpt/
175 KB
61 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_313.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
sffe /
Resource Hash
92ca91e1a7a8e3f20a6cfbe487b20ec716258b98c3ab727c360513664341056d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 04 Mar 2019 02:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 22 Feb 2019 23:59:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
61934
x-xss-protection
1; mode=block
expires
Mon, 04 Mar 2019 02:04:49 GMT
integrator.sync.js?domain=xfs.jp
adservice.google.de/adsid/
113 B
489 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=xfs.jp
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 04 Mar 2019 02:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
108
x-xss-protection
1; mode=block
ads?gdfp_req=1&pvsid=2382107748294836&correlator=1541050413747686&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=21061743%2C21063203&vrg=313&guci=1.2.0.0.2.2.0.0&p...
securepubads.g.doubleclick.net/gampad/
40 KB
9 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2382107748294836&correlator=1541050413747686&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=21061743%2C21063203&vrg=313&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-32&iu=%2F24746711%2Fxfs728%E4%B8%8A%2Fdiv-gpt-ad-1399887565404-0&sz=728x90&click=%25%25CLICK_URL_UNESC%25%25&eri=2&cookie_enabled=1&bc=7&abxe=1&lmt=1551665089&dt=1551665089579&dlt=1551665088413&idt=1154&frm=20&biw=1585&bih=1200&oid=3&adk=2324868094&uci=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fxfs.jp%2F4EARMf%3F&dssz=6&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=162867941.1551665090&ga_sid=1551665090&ga_hid=1385961482&fws=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_313.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
f269c2c2d807536f9ace1dfbbd32d57c504e21ca7e83e640b386c95a409f3df2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 04 Mar 2019 02:04:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
9179
x-xss-protection
1; mode=block
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/javascript; charset=UTF-8
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_313.js
securepubads.g.doubleclick.net/gpt/
67 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_313.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
sffe /
Resource Hash
36e37aa427c03ec10d908586e67951e999a31e5f9629ced1b79a7d8f10b40aad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 04 Mar 2019 02:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 22 Feb 2019 23:59:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
25399
x-xss-protection
1; mode=block
expires
Mon, 04 Mar 2019 02:04:49 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/
0
0
Other
General
Full URL
http://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_313.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

amp4ads-host-v0.js
cdn.ampproject.org/rtv/011902081532110/
20 KB
8 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011902081532110/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_313.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a826cda262823b8ca4f27514fdd45cfa283e4bb8e946ee92ebd1caff2c602556
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
1871449
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
7911
x-xss-protection
1; mode=block
server
sffe
date
Sun, 10 Feb 2019 10:14:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"560459346dcf3764"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 10 Feb 2020 10:14:00 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011902081532110/ Frame 221A
266 KB
85 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0f9a2285a8ec601a41f5516c284c12b7675d574ef9ac56d6e3bf8a5c1d16bdec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
1514788
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
86301
x-xss-protection
1; mode=block
server
sffe
date
Thu, 14 Feb 2019 13:18:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7242e02f937d2a87"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2020 13:18:21 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011902081532110/v0/ Frame 221A
134 KB
42 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011902081532110/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
508a5b4d4a7cbc7e71d9d1760f8c8a00bcf1c7e3eb2f40b3ca0cf9c81b507ce6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
884287
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
43030
x-xss-protection
1; mode=block
server
sffe
date
Thu, 21 Feb 2019 20:26:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1d1a4b04f9c8e7a4"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Feb 2020 20:26:42 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011902081532110/v0/ Frame 221A
3 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011902081532110/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9de9e60349966893cb6a99cb06ecf38393ecd96b9bc3fc0a2f4b4de26ee5a9d4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
1007949
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
1600
x-xss-protection
1; mode=block
server
sffe
date
Wed, 20 Feb 2019 10:05:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1b6d1ab9200e762a"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Feb 2020 10:05:40 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011902081532110/v0/ Frame 221A
37 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011902081532110/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5cbb761bc3958db792a638aa6e60ffb142436df4734ef3f9e2d5bf02ae67cd32
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
914670
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
13189
x-xss-protection
1; mode=block
server
sffe
date
Thu, 21 Feb 2019 12:00:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b73545b1b9e8f74f"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Feb 2020 12:00:19 GMT
data:truncated
data:truncated Frame 221A
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a40791a4c3feef44f0697ffa36b5162531dd5aa986763d9d2cbfa6c9080376d

Request headers

Response headers

Content-Type
image/png
osd.js?cb=%2Fr20100101
www.googletagservices.com/activeview/js/current/
77 KB
28 KB
Script
General
Full URL
http://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_313.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1d56c4a8196ffea388207309d9f9fe87d933a2838008ebfeb003cb0c12faaced
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1551269762062339"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=3000
Accept-Ranges
bytes
Content-Length
28006
X-XSS-Protection
1; mode=block
Expires
Mon, 04 Mar 2019 02:04:49 GMT
6176182424618907312?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnv5TAAUwyf8ZX1wpoVvhDtoiFuwQ
tpc.googlesyndication.com/simgad/ Frame 221A
15 KB
16 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/6176182424618907312?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnv5TAAUwyf8ZX1wpoVvhDtoiFuwQ
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
60e9472f8d5321ec1430a6eb82d9b40b8ba9f78e70ccb6b9ed2fd8c2669c1ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 12 Feb 2019 11:58:42 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Oct 2017 20:00:58 GMT
server
sffe
age
1692367
content-type
image/png
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15742
x-xss-protection
1; mode=block
expires
Wed, 12 Feb 2020 11:58:42 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 221A
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 03 Mar 2019 22:56:13 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
11316
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
2982
x-xss-protection
1; mode=block
expires
Mon, 04 Mar 2019 22:56:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 221A
344 B
689 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 03 Mar 2019 03:33:15 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
81094
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
344
x-xss-protection
1; mode=block
expires
Mon, 04 Mar 2019 03:33:15 GMT
adview?ai=CNssAwYd8XOGiJYvf3wO-7K24CKzRp6JU5eCI-L4H__WQ49cCEAEgu6DEB2CV4pCCoAegAb_4p6EDyAEC4AIAqAMByAMIqgS_AU_QDKNeyZDCpnfhiOzwVFnrXu5gIP8S1VEmmEHYHTsaYAyADUvMBIey-zwCM568b1yko2Iczb6rPdJCQNpJjmjvHL...
securepubads.g.doubleclick.net/pagead/ Frame 221A
0
273 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNssAwYd8XOGiJYvf3wO-7K24CKzRp6JU5eCI-L4H__WQ49cCEAEgu6DEB2CV4pCCoAegAb_4p6EDyAEC4AIAqAMByAMIqgS_AU_QDKNeyZDCpnfhiOzwVFnrXu5gIP8S1VEmmEHYHTsaYAyADUvMBIey-zwCM568b1yko2Iczb6rPdJCQNpJjmjvHL1ZnQzxwPen4-u2_5cBPDAZVIMtbz8fW2EXpOgv0S41AQiowbHBiw_k1i-zyAIBYZVmBhO3CVBuZFZMa86k_YFlO-FDbws8g3wpiyczNMe30ir5i2B_rASCCOjczt2mNfDQYLwwrHLcxChSEMLX5yAOCo_p-R9ynKsZpfTswATfuaO44AHgBAGSBQQIBBgBkgUECAUYBKAGAoAHqYfYXqgHjs4bqAfVyRuoB6gGqAfZyxuoB8_MG6gHpr4b2AcB8gcEEJesAdIICQiA4YBwEAEYAYAKAdgTDA&sigh=hfNCmkTjuu4&tpd=AGWhJmuPa1MPQ_pfCD1ptWSxgzJIceIwY9Q3dubFSFjP7CYxgQ
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

ads?gdfp_req=1&pvsid=2382107748294836&correlator=1541050413747686&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&adsid=NT&eid=21061743%2C21063203&vrg=313&guci=1.2.0.0....
securepubads.g.doubleclick.net/gampad/
50 KB
10 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2382107748294836&correlator=1541050413747686&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&adsid=NT&eid=21061743%2C21063203&vrg=313&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-32&iu=%2F24746711%2Fxfs728%E4%B8%8B%2Fdiv-gpt-ad-1399887844979-0&sz=728x90&click=%25%25CLICK_URL_UNESC%25%25&eri=2&cookie=ID%3D3c6ef102658ed399%3AT%3D1551665089%3AS%3DALNI_MaKttyGjlBhddg4AXZaxofB9bkQGg&cookie_enabled=1&bc=7&abxe=1&lmt=1551665089&dt=1551665089799&dlt=1551665088413&idt=1154&frm=20&biw=1585&bih=1200&oid=3&adk=3170240951&uci=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fxfs.jp%2F4EARMf%3F&dssz=14&icsg=2099882&std=0&csl=139&vis=1&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=162867941.1551665090&ga_sid=1551665090&ga_hid=1385961482&fws=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_313.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
85ba6e98eda63d12edb05349e6b9951d5670cd8c18cdc7211399067aef82d6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 04 Mar 2019 02:04:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
10269
x-xss-protection
1; mode=block
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/javascript; charset=UTF-8
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 221A
Redirect Chain
  • http://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
460 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

Date
Mon, 04 Mar 2019 02:04:49 GMT
X-Content-Type-Options
nosniff
Server
safe
Content-Type
text/html; charset=UTF-8
Location
https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control
private
Content-Length
246
X-XSS-Protection
1; mode=block
amp4ads-v0.js
cdn.ampproject.org/rtv/011902081532110/ Frame A4A9
266 KB
0
Script
General
Full URL
https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0f9a2285a8ec601a41f5516c284c12b7675d574ef9ac56d6e3bf8a5c1d16bdec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
1514788
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
86301
x-xss-protection
1; mode=block
server
sffe
date
Thu, 14 Feb 2019 13:18:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7242e02f937d2a87"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2020 13:18:21 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011902081532110/v0/ Frame A4A9
134 KB
0
Script
General
Full URL
https://cdn.ampproject.org/rtv/011902081532110/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
508a5b4d4a7cbc7e71d9d1760f8c8a00bcf1c7e3eb2f40b3ca0cf9c81b507ce6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
884287
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
43030
x-xss-protection
1; mode=block
server
sffe
date
Thu, 21 Feb 2019 20:26:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1d1a4b04f9c8e7a4"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Feb 2020 20:26:42 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011902081532110/v0/ Frame A4A9
3 KB
0
Script
General
Full URL
https://cdn.ampproject.org/rtv/011902081532110/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9de9e60349966893cb6a99cb06ecf38393ecd96b9bc3fc0a2f4b4de26ee5a9d4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
1007949
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
1600
x-xss-protection
1; mode=block
server
sffe
date
Wed, 20 Feb 2019 10:05:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1b6d1ab9200e762a"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Feb 2020 10:05:40 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011902081532110/v0/ Frame A4A9
37 KB
0
Script
General
Full URL
https://cdn.ampproject.org/rtv/011902081532110/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5cbb761bc3958db792a638aa6e60ffb142436df4734ef3f9e2d5bf02ae67cd32
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
914670
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
13189
x-xss-protection
1; mode=block
server
sffe
date
Thu, 21 Feb 2019 12:00:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b73545b1b9e8f74f"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Feb 2020 12:00:19 GMT
css?family=Roboto:300,400,500&lang=de
fonts.googleapis.com/ Frame A4A9
7 KB
724 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
35c990f5530deb7d2f640743aeb26a9e5d5c3bf1838542d9237f29fd93bec8a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 04 Mar 2019 02:04:50 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 04 Mar 2019 02:04:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Mon, 04 Mar 2019 02:04:50 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A4A9
3 KB
0
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Sun, 03 Mar 2019 22:56:13 GMT
x-content-type-options
nosniff
server
cafe
age
11316
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
15880770647744369592
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
2982
x-xss-protection
1; mode=block
expires
Mon, 04 Mar 2019 22:56:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A4A9
344 B
0
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_313.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Sun, 03 Mar 2019 03:33:15 GMT
x-content-type-options
nosniff
server
cafe
age
81094
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
344
x-xss-protection
1; mode=block
expires
Mon, 04 Mar 2019 03:33:15 GMT
data:truncated
data:truncated Frame A4A9
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f92b52aed9b64de275116de7378576a1e04b7843cb6c2dc966bd066bb66abb8

Request headers

Response headers

Content-Type
image/png
adview?ai=C8wi2wYd8XIrQMpSX-gbJya2QD_uBwZpVm5uz088G_oLAkO0LEAEgu6DEB2CV4pCCoAegAYihk_cDyAEBqQKsU5IlTxezPuACAKgDAcgDCqoE2QFP0NcwdYBIT7CO5x6GC68S8-A48rFMuKVOmYnCi66KP4yn6tjcodmXP_tnot6NFYcjqStIsh5qKj...
securepubads.g.doubleclick.net/pagead/ Frame A4A9
0
55 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C8wi2wYd8XIrQMpSX-gbJya2QD_uBwZpVm5uz088G_oLAkO0LEAEgu6DEB2CV4pCCoAegAYihk_cDyAEBqQKsU5IlTxezPuACAKgDAcgDCqoE2QFP0NcwdYBIT7CO5x6GC68S8-A48rFMuKVOmYnCi66KP4yn6tjcodmXP_tnot6NFYcjqStIsh5qKjYckNpBcEnMN30Q3FXIzREs6aTI4h8o0boiPn3U_7vi4p36LoUjAz9eKm-x8JrlAci3zygAPaoUBL1Q-FJLSSqGOlAtZSjq_SpMMZxr2_tWIBNEtJCr8j-OqGoWxPq0SLH7H8J5CegQ4MKLQSTYwvt9huctBoSpj3LXBHD1s8V0fqq9XRD8CZ-WQ-SyxFSEfZMvuGSbZinR25afktiouiBZwAS7mYmSyQHgBAGSBQQIBBgBkgUECAUYBIAH4N7sCKgHjs4bqAfVyRuoB6gGqAe6BqgH2csbqAfPzBuoB6a-G9gHAfIHBBDd2gPSCAkIgOGAcBABGAGACgHYEww&sigh=If_Si7JTi08&tpd=AGWhJmsN7jGFbvG69jzEOQsKTdTMOTw_UBOnlEPUi2yOXWKV6w
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

footer_top.jpg
sakura1.firestorage.jp/images/
460 B
692 B
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer_top.jpg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
6ccc08b1d2fd5b991371852df66ad0d82b1496a8917c5d0cd16d0750959435ab

Request headers

Referer
http://xfs.jp/css/style_xfs.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Last-Modified
Thu, 16 Jun 2011 06:09:13 GMT
Server
nginx
ETag
"4df99e09-1cc"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
460
ftf1.gif
sakura1.firestorage.jp/images/footer/
542 B
773 B
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer/ftf1.gif
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
160b3a3cc67f8fd69ddd142d1a4def1acfdbd4c6e167740f36bea27ebc505532

Request headers

Referer
http://xfs.jp/css/style_xfs.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Last-Modified
Thu, 16 Jun 2011 02:54:24 GMT
Server
nginx
ETag
"4df97060-21e"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
542
ftf2.gif
sakura1.firestorage.jp/images/footer/
627 B
858 B
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer/ftf2.gif
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
7972da514c1dcabfeb504a88cea295068f9b14707ed829c0e89bde5dd193cca0

Request headers

Referer
http://xfs.jp/css/style_xfs.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Last-Modified
Thu, 16 Jun 2011 02:54:24 GMT
Server
nginx
ETag
"4df97060-273"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
627
ftf3.gif
sakura1.firestorage.jp/images/footer/
1 KB
1 KB
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer/ftf3.gif
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
dd505a95fdf91888935e7361efe7820a083e55f5f182810402147777f89bc264

Request headers

Referer
http://xfs.jp/css/style_xfs.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Last-Modified
Thu, 16 Jun 2011 02:54:24 GMT
Server
nginx
ETag
"4df97060-410"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1040
ftf4.gif
sakura1.firestorage.jp/images/footer/
613 B
844 B
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer/ftf4.gif
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
0d28c6c701e262cef902b05c193bf249ff033d9441a381cea3b30b21d301c9bb

Request headers

Referer
http://xfs.jp/css/style_xfs.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Last-Modified
Thu, 16 Jun 2011 02:54:25 GMT
Server
nginx
ETag
"4df97061-265"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
613
ftf5.gif
sakura1.firestorage.jp/images/footer/
632 B
863 B
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer/ftf5.gif
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
8058bb53b38086824a856f2f06bae1409f74aadd3d4e0dfcc925696016159ac6

Request headers

Referer
http://xfs.jp/css/style_xfs.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Last-Modified
Thu, 16 Jun 2011 02:54:25 GMT
Server
nginx
ETag
"4df97061-278"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
632
ftf8.gif
sakura1.firestorage.jp/images/footer/
617 B
848 B
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer/ftf8.gif
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
894b6c70b6cd87396e994f563695f5f46b507ee38cd26223a658cfb8efb5e215

Request headers

Referer
http://xfs.jp/css/style_xfs.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Last-Modified
Thu, 16 Jun 2011 02:54:25 GMT
Server
nginx
ETag
"4df97061-269"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
617
ftf6.gif
sakura1.firestorage.jp/images/footer/
558 B
789 B
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer/ftf6.gif
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
8894ccc31da3da36ce88127079e772ede9e949617bb77e361f1551db86043e78

Request headers

Referer
http://xfs.jp/css/style_xfs.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Last-Modified
Thu, 16 Jun 2011 02:54:25 GMT
Server
nginx
ETag
"4df97061-22e"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
558
ftf7.png
sakura1.firestorage.jp/images/footer/
657 B
888 B
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer/ftf7.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
5e433fe15e0748e075899a1b83105a4ea453f7375db725e4e14529ed964258d0

Request headers

Referer
http://xfs.jp/css/style_xfs.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Last-Modified
Fri, 06 Jan 2012 08:15:53 GMT
Server
nginx
ETag
"4f06adb9-291"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
657
camera_add.gif
sakura1.firestorage.jp/images/
654 B
885 B
Image
General
Full URL
http://sakura1.firestorage.jp/images/camera_add.gif
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
9c169e1dab549c026c9a131185791ffffd7eb603928056245fbc530f6c06c8f9

Request headers

Referer
http://xfs.jp/css/style_xfs.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Last-Modified
Mon, 02 Apr 2012 00:56:54 GMT
Server
nginx
ETag
"4f78f956-28e"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
654
ftf9.gif
sakura1.firestorage.jp/images/footer/
619 B
850 B
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer/ftf9.gif
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
d624ff4674834001473e5c5a71e36e107e3e2ecbef158d15a34956d333dfcea0

Request headers

Referer
http://xfs.jp/css/style_xfs.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Last-Modified
Thu, 16 Jun 2011 02:54:24 GMT
Server
nginx
ETag
"4df97060-26b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
619
ftf10.gif
sakura1.firestorage.jp/images/footer/
580 B
811 B
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer/ftf10.gif
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
359cec5f7a318a32f03ffbb0a0532412bd6c301c73ace8bc05d2cd18903a67b7

Request headers

Referer
http://xfs.jp/css/style_xfs.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Last-Modified
Thu, 16 Jun 2011 02:54:24 GMT
Server
nginx
ETag
"4df97060-244"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
580
ftf11.gif
sakura1.firestorage.jp/images/footer/
580 B
811 B
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer/ftf11.gif
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
08f085cfeb74b308b286b8ea0f932d7834485468d47c3739fddb4d06c8c66925

Request headers

Referer
http://xfs.jp/css/style_xfs.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Last-Modified
Thu, 16 Jun 2011 02:54:25 GMT
Server
nginx
ETag
"4df97061-244"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
580
ftf12.gif
sakura1.firestorage.jp/images/footer/
594 B
825 B
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer/ftf12.gif
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
017970d2f84270fbc320e55c90c09c4950e5eda45981b2fbdf019cfe162ff3b4

Request headers

Referer
http://xfs.jp/css/style_xfs.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Last-Modified
Thu, 16 Jun 2011 02:54:25 GMT
Server
nginx
ETag
"4df97061-252"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
594
ftf13.gif
sakura1.firestorage.jp/images/footer/
1 KB
1 KB
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer/ftf13.gif
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
18bbeb6b114a5a128e0f0a80e6f5d94a923cb60539cdb6f464dfa6253bbba6f5

Request headers

Referer
http://xfs.jp/css/style_xfs.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Last-Modified
Thu, 16 Jun 2011 02:54:25 GMT
Server
nginx
ETag
"4df97061-403"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1027
ftf14.gif
sakura1.firestorage.jp/images/footer/
642 B
873 B
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer/ftf14.gif
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
a1cecad50b0097f481884a6edfa7d0dffc4a8b53e1504e722774a5918c16e699

Request headers

Referer
http://xfs.jp/css/style_xfs.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Last-Modified
Thu, 16 Jun 2011 02:54:25 GMT
Server
nginx
ETag
"4df97061-282"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
642
ftf15.gif
sakura1.firestorage.jp/images/footer/
639 B
870 B
Image
General
Full URL
http://sakura1.firestorage.jp/images/footer/ftf15.gif
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Protocol
HTTP/1.1
Server
124.32.142.103 Hachioji, Japan, ASN17506 (UCOM UCOM Corp., JP),
Reverse DNS
124x32x142x103.ap124.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
a4998fa708987aec9caa04b9abdb48a74a2f75c88ead86179aeff3be33fe23f1

Request headers

Referer
http://xfs.jp/css/style_xfs.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Last-Modified
Thu, 16 Jun 2011 02:54:25 GMT
Server
nginx
ETag
"4df97061-27f"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
639
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
3520
date
Mon, 04 Mar 2019 01:06:10 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
17168
expires
Mon, 04 Mar 2019 03:06:10 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190227/r20190131/
195 KB
73 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190227/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
31f3224dc947d402d9c094684600cef2912ece34f6c88b4d581f8eafe315009c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
906222807878116051
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
73769
X-XSS-Protection
1; mode=block
Expires
Mon, 04 Mar 2019 02:04:50 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190227/r20190131/ Frame 2B30
195 KB
73 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190227/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
31f3224dc947d402d9c094684600cef2912ece34f6c88b4d581f8eafe315009c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
906222807878116051
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
73769
X-XSS-Protection
1; mode=block
Expires
Mon, 04 Mar 2019 02:04:50 GMT
ca-pub-8432763221888476.js
pagead2.googlesyndication.com/pub-config/r20160913/
133 B
431 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8432763221888476.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ad3f5743027d58f0c5e8b2f074edc3fb50e776ddecdb8a90531fd30407d6ff48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 03 Mar 2019 19:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 01 Mar 2019 20:45:21 GMT
server
sffe
age
21958
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
125
x-xss-protection
1; mode=block
expires
Mon, 04 Mar 2019 07:58:52 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190227/r20190131/ Frame 0AD6
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190227/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190227/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://xfs.jp/4EARMf?
accept-encoding
gzip, deflate, br
cookie
DSID=NO_DATA; IDE=AHWqTUlf85J3UnwcmRwC_tB58dCUAPz5Y5aFny5mcms2M9PpIBrqMiRhxmoFByOZ

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 28 Feb 2019 02:16:43 GMT
expires
Thu, 14 Mar 2019 02:16:43 GMT
content-type
text/html; charset=UTF-8
etag
15457983066924787283
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6951
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
344887
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
si
googleads.g.doubleclick.net/pagead/drt/ Frame A4A9
Redirect Chain
  • http://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
160 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

Date
Mon, 04 Mar 2019 02:04:50 GMT
X-Content-Type-Options
nosniff
Server
safe
Content-Type
text/html; charset=UTF-8
Location
https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control
private
Content-Length
246
X-XSS-Protection
1; mode=block
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A4A9
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de
Origin
http://xfs.jp

Response headers

date
Mon, 11 Feb 2019 10:26:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
1784298
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10788
x-xss-protection
1; mode=block
expires
Tue, 11 Feb 2020 10:26:32 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A4A9
10 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de
Origin
http://xfs.jp

Response headers

date
Mon, 11 Feb 2019 10:27:19 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
1784251
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10748
x-xss-protection
1; mode=block
expires
Tue, 11 Feb 2020 10:27:19 GMT
xfs.jp&dtd=100
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8432763221888476&output=html&h=600&slotname=9450298085&adk=1424688035&adf=1541513980&w=300&lmt=1551665090&guci=1.2.0.0.2.2.0.0&format=300x600&ur... Frame FEA4
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8432763221888476&output=html&h=600&slotname=9450298085&adk=1424688035&adf=1541513980&w=300&lmt=1551665090&guci=1.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fxfs.jp%2F4EARMf%3F&flash=0&wgl=1&adsid=NT&dt=1551665090108&bpp=14&bdt=1695&fdt=86&idt=84&shv=r20190227&cbv=r20190131&saldr=aa&abxe=1&correlator=3043375695653&frm=20&pv=2&ga_vid=162867941.1551665090&ga_sid=1551665090&ga_hid=1385961482&ga_fc=0&iag=0&icsg=570469034&dssz=21&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1022&ady=144&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21063245%2C20040011&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=3&uci=3.3atj6g541jeg&fsb=1&xpc=lkNFxwKkKS&p=http%3A//xfs.jp&dtd=100
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190227/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8432763221888476&output=html&h=600&slotname=9450298085&adk=1424688035&adf=1541513980&w=300&lmt=1551665090&guci=1.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fxfs.jp%2F4EARMf%3F&flash=0&wgl=1&adsid=NT&dt=1551665090108&bpp=14&bdt=1695&fdt=86&idt=84&shv=r20190227&cbv=r20190131&saldr=aa&abxe=1&correlator=3043375695653&frm=20&pv=2&ga_vid=162867941.1551665090&ga_sid=1551665090&ga_hid=1385961482&ga_fc=0&iag=0&icsg=570469034&dssz=21&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1022&ady=144&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21063245%2C20040011&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=3&uci=3.3atj6g541jeg&fsb=1&xpc=lkNFxwKkKS&p=http%3A//xfs.jp&dtd=100
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://xfs.jp/4EARMf?
accept-encoding
gzip, deflate, br
cookie
DSID=NO_DATA; IDE=AHWqTUlf85J3UnwcmRwC_tB58dCUAPz5Y5aFny5mcms2M9PpIBrqMiRhxmoFByOZ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://xfs.jp/4EARMf?

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 04 Mar 2019 02:04:50 GMT
server
cafe
content-length
54904
x-xss-protection
1; mode=block
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1007914-23&cid=162867941.1551665090&jid=225774083&_v=5.7.2&z=1805238920&slf_rd=1&random=227945170
www.google.de/ads/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1805238920&utmhn=xfs.jp&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E7%84%A1%E6%9...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1805238920&utmhn=xfs.jp&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E7%84%A1%E6%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1007914-23&cid=162867941.1551665090&jid=225774083&_v=5.7.2&z=1805238920
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1007914-23&cid=162867941.1551665090&jid=225774083&_v=5.7.2&z=1805238920
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1007914-23&cid=162867941.1551665090&jid=225774083&_v=5.7.2&z=1805238920&slf_rd=1&random=227945170
42 B
383 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1007914-23&cid=162867941.1551665090&jid=225774083&_v=5.7.2&z=1805238920&slf_rd=1&random=227945170
Requested by
Host: xfs.jp
URL: http://xfs.jp/4EARMf?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2019 02:04:50 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Mar 2019 02:04:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1007914-23&cid=162867941.1551665090&jid=225774083&_v=5.7.2&z=1805238920&slf_rd=1&random=227945170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
r
amp-error-reporting.appspot.com/ Frame 221A
2 B
153 B
XHR
General
Full URL
https://amp-error-reporting.appspot.com/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:809::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
http://xfs.jp/4EARMf?
Origin
http://xfs.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 04 Mar 2019 02:04:50 GMT
via
1.1 google
x-powered-by
Express
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
2
activeview?xai=AKAOjsu5x5KIoYrIrNyZkeRQLud02HhS5Yh_25zIqD0Xo2MrcIZUA0httCT860WiYkeZLDiFJ4CZUiKH-tud6HQchiTtpAy1d0ml0eRPP3UTm_MqzUnIkvNjBw&sai=AMfl-YT6D7hrDdwELgZU3G9uIEiBuVKuhp6MD7Ukb4zHIqEWMsg5w0G...
pagead2.googlesyndication.com/pcs/ Frame 221A
42 B
291 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5x5KIoYrIrNyZkeRQLud02HhS5Yh_25zIqD0Xo2MrcIZUA0httCT860WiYkeZLDiFJ4CZUiKH-tud6HQchiTtpAy1d0ml0eRPP3UTm_MqzUnIkvNjBw&sai=AMfl-YT6D7hrDdwELgZU3G9uIEiBuVKuhp6MD7Ukb4zHIqEWMsg5w0Gr-8g-jvLc5N9nI2RIrgWv2MGwlSXuTsSVDHNOlIlZ5b5NcHGdWizL&sig=Cg0ArKJSzHAq6kjD6MNvEAE&id=ampim&o=264,124&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=80&tls=1080&g=100&h=100&pt=1&tt=1081&rpt=1&rst=1551665089773&r=v&adk=2324868094&avms=ampa
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2019 02:04:50 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview?xai=AKAOjsuSA8rkec9hdyQaaYStY1e39QiXZ1crHcigIJWNK0XN0DWpt1MUzjNtIZIDF2WT7-yrQyvkbYMs2DyZpAhhhxyvlRamFaTS2mpYEM084sZa5Ek82uJvqzqxwR-xy7cKJBxErW0qXTsunF4_&sai=AMfl-YTAr9eyPdQkDryinvCGw6mYH...
pagead2.googlesyndication.com/pcs/ Frame A4A9
42 B
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSA8rkec9hdyQaaYStY1e39QiXZ1crHcigIJWNK0XN0DWpt1MUzjNtIZIDF2WT7-yrQyvkbYMs2DyZpAhhhxyvlRamFaTS2mpYEM084sZa5Ek82uJvqzqxwR-xy7cKJBxErW0qXTsunF4_&sai=AMfl-YTAr9eyPdQkDryinvCGw6mYH3oMcYKZK4LLJmKQgnyd3v81wlyj-0Pq5S_ZRrco3UdGYSjEOzWKkg2spL1gzKQYbCMMseZQqC4roBfIdKPCfzwtV-Q4wA7NdM4&sig=Cg0ArKJSzJiUSMjIWWgCEAE&cid=CAASPeRoG7sDyjxkTjAlNhEGrEQVQJ2nPXSk_2u2LK9wauI6ywguDE0tXNAie0Tp2MUEjJsTiiURPqf0KA_7WQw&id=ampim&o=264,521&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=130&tls=1130&g=100&h=100&pt=0&tt=1130&rpt=0&rst=1551665089995&r=v&adk=3170240951&avms=ampa
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xfs.jp/4EARMf?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2019 02:04:51 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
r
amp-error-reporting.appspot.com/ Frame A4A9
2 B
64 B
XHR
General
Full URL
https://amp-error-reporting.appspot.com/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:809::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
http://xfs.jp/4EARMf?
Origin
http://xfs.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 04 Mar 2019 02:04:51 GMT
via
1.1 google
x-powered-by
Express
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
2

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask string| exps string| fcheck undefined| fkey object| _nv function| anzCommit function| xfsCommit function| showDialog function| clp function| check_hidebox function| check_hidebox2 function| check_exp function| check_hidebox_com function| email_check function| check_upload_exp function| check_expbox function| check_show_url function| check_copy_file_rep function| submit_url function| show_url function| show_loginbox function| show_langbox function| show_comview function| reg_check function| boxChecked function| total_sum function| total_pass function| checkPlugin function| displayData function| displayDataVirus function| delete_submit function| process_submit function| delete_item_submit function| shop_hidebox function| createXMLHttpRequest function| $ function| nextpic function| encodeURL function| getFlashVersion function| setFocus function| strLength function| showLength function| show_thumbnail function| murl function| umurl function| xfsurl function| az function| check_hideboxx function| check_expbox_photo function| check_hideboxs function| changeType object| jp string| _uid object| googletag object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleTokenSync object| GPT_jstiming boolean| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id number| google_unique_id object| google_reactive_ads_global_state object| gaGlobal function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| ampInaboxIframes object| ampInaboxPendingMessages object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| AMP_CONFIG object| log object| AMPErrors boolean| ampInaboxInitialized object| AMP_MODE function| reportError object| AMP 
object| adsbygoogle object| _gaq object| google_ad_modifications function| processGoogleToken object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_lpabyc object| google_sv_map object| google_t12n_vars function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| google_pub_config number| google_global_correlator object| google_prev_clients object| google_iframe_oncopy object| _gat

8 Cookies

Domain/Path Name / Value
.xfs.jp/ Name: __utmb
Value: 83060959.1.10.1551665090
.xfs.jp/ Name: __utma
Value: 83060959.162867941.1551665090.1551665090.1551665090.1
.doubleclick.net/ Name: IDE
Value: AHWqTUlf85J3UnwcmRwC_tB58dCUAPz5Y5aFny5mcms2M9PpIBrqMiRhxmoFByOZ
.xfs.jp/ Name: __utmt
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.xfs.jp/ Name: __utmc
Value: 83060959
.xfs.jp/ Name: __utmz
Value: 83060959.1551665090.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.xfs.jp/ Name: __gads
Value: ID=3c6ef102658ed399:T=1551665089:S=ALNI_MaKttyGjlBhddg4AXZaxofB9bkQGg

4 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js(Line 546)
Message:
Powered by AMP ⚡ HTML – Version 1902081532110
console-api error URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js(Line 138)
Message:
localStorage not supported.
console-api info URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js(Line 546)
Message:
Powered by AMP ⚡ HTML – Version 1902081532110
console-api error URL: https://cdn.ampproject.org/rtv/011902081532110/amp4ads-v0.js(Line 138)
Message:
localStorage not supported.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
