www.jibungenin-motherspower.net Open in urlscan Pro
54.171.31.214 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://jibungenin-motherspower.net/
Effective URL:
https://www.jibungenin-motherspower.net/
Submission Tags: krdprod
Submission: On May 23 via api (May 23rd 2021, 2:44:38 pm UTC) from JP

Summary HTTP 47 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 47 HTTP transactions. The main IP is 54.171.31.214, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.jibungenin-motherspower.net.
TLS certificate: Issued by R3 on May 3rd 2021. Valid for: 3 months.

This is the only time www.jibungenin-motherspower.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.252.224.184 34.252.224.184	16509 (AMAZON-02) (AMAZON-02)
1	54.171.31.214 54.171.31.214	16509 (AMAZON-02) (AMAZON-02)
11	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	34.252.189.87 34.252.189.87	16509 (AMAZON-02) (AMAZON-02)
47	14

1 34.252.224.184 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-224-184.eu-west-1.compute.amazonaws.com

jibungenin-motherspower.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.31.214 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-31-214.eu-west-1.compute.amazonaws.com

www.jibungenin-motherspower.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

assets.jimstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.jimcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

image.jimcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.189.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-189-87.eu-west-1.compute.amazonaws.com

a.jimdo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	279 KB
8	jimcdn.com u.jimcdn.com image.jimcdn.com	227 KB
6	doubleclick.net googleads.g.doubleclick.net	41 KB
5	jimstatic.com assets.jimstatic.com	320 KB
3	google-analytics.com www.google-analytics.com ssl.google-analytics.com	17 KB
2	googletagservices.com www.googletagservices.com	64 KB
2	google.com 1 redirects adservice.google.com www.google.com	649 B
2	jibungenin-motherspower.net 1 redirects jibungenin-motherspower.net www.jibungenin-motherspower.net	11 KB
1	jimdo.com a.jimdo.com	262 B
1	google.de adservice.google.de	799 B
1	googleadservices.com partner.googleadservices.com	652 B
47	11

	Domain	Requested by
12	tpc.googlesyndication.com	googleads.g.doubleclick.net www.jibungenin-motherspower.net tpc.googlesyndication.com pagead2.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.jibungenin-motherspower.net googleads.g.doubleclick.net
6	pagead2.googlesyndication.com	www.jibungenin-motherspower.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	u.jimcdn.com	www.jibungenin-motherspower.net u.jimcdn.com
5	assets.jimstatic.com	www.jibungenin-motherspower.net assets.jimstatic.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	ssl.google-analytics.com	www.jibungenin-motherspower.net
2	image.jimcdn.com	www.jibungenin-motherspower.net
1	a.jimdo.com	assets.jimstatic.com
1	www.google.com	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.jibungenin-motherspower.net
1	www.jibungenin-motherspower.net
1	jibungenin-motherspower.net	1 redirects
47	16

This site contains links to these domains. Also see Links.

Domain
mamakaihou.jimdo.com
ameblo.jp
cms.e.jimdo.com
a.jimdo.com

Subject Issuer	Validity	Valid
www.jibungenin-motherspower.net R3	`2021-05-03` - `2021-08-01`	3 months	crt.sh
*.jimstatic.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.jimcdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.jimdo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-21` - `2022-06-21`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.jibungenin-motherspower.net/
Frame ID: 8881E9DE5E420E3D26FA0557F97350BB
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html
Frame ID: 31B10D1AEB6A80E48BEF556EAF689F77
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3307574940271066&output=html&adk=1261505796&adf=3692917392&lmt=1621781061&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.jibungenin-motherspower.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621781061083&bpp=4&bdt=505&idt=118&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4297526866928&frm=20&pv=2&ga_vid=1194033827.1621781061&ga_sid=1621781061&ga_hid=1413282738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=138645943595613&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=135
Frame ID: 085C5397864BF07FB7F2A43D928936BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3307574940271066&output=html&h=280&slotname=1169246637&adk=3992469774&adf=2330303964&pi=t.ma~as.1169246637&w=520&fwrn=4&fwrnh=100&lmt=1621781061&rafmt=1&psa=0&format=520x280&url=https%3A%2F%2Fwww.jibungenin-motherspower.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621781061087&bpp=3&bdt=510&idt=135&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4297526866928&frm=20&pv=1&ga_vid=1194033827.1621781061&ga_sid=1621781061&ga_hid=1413282738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=675&ady=3049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=138645943595613&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4nTf23PVEH&p=https%3A//www.jibungenin-motherspower.net&dtd=140
Frame ID: D99208C407BA610DA867DC0F5C785843
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8524266731230535703/index.html
Frame ID: 414C91DF4DEB757979E97030A63B5D5B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CxeCfRWqqYPTQD9HwtweXpau4BZHW3-dipYDujtMN6_D-gMckEAEgptKJa2CVAqAB4J7E-APIAQmpAm-hncQFcLQ-qAMByANIqgTaAU_QjT3LJqjVOLQcGNEosfnA0m1YbiYOzeLEI7lH7xs7NnOVpTKatEClfAOwPhdX5ghdb5qBtGna_241QUaq_fiZGPr8js0GFeeIOb5CRkMgte7RLJkU4_kgLs_Z5Iu0kIBM9VUnWKzewm_ILw47QvrtrOgQUJs5xh3hfnEPVNSRdbp9O-N3AMc2F_ElEFySU86DTQ0RPlfPdcFmv90Yq1G9QbSIS4bEFxRB_4MCvCKS0U1DviBtekWidySBrzkjF_XBnS0FE5c0xotVErEHiBqbAMM7hBwoocVSwATgoZqWwAOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHx8D2AqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCK1QrSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGYFgGAFwGyFxoKGAgAEhRwdWItMzMwNzU3NDk0MDI3MTA2Ng&sigh=0KhuKeIOS6k&template_id=419
Frame ID: 18A025B4C610F6AC61D15A7B42C7EEF7
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: DA7354DD0B09DB176E2E0A1A0D824EB5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 0AC0F5B838D15585655CB02BFE1A6649
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://jibungenin-motherspower.net/ HTTP 301
https://www.jibungenin-motherspower.net/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

47
Requests

100 %
HTTPS

60 %
IPv6

11
Domains

16
Subdomains

14
IPs

3
Countries

961 kB
Transfer

2311 kB
Size

13
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://mamakaihou.jimdo.com/
Title: ホーム

Search URL Search Domain Scan URL

URL: http://mamakaihou.jimdo.com/%E5%80%8B%E4%BA%BA%E3%82%BB%E3%83%83%E3%82%B7%E3%83%A7%E3%83%B3%E6%96%99%E9%87%91/
Title: 個別セッション料金

Search URL Search Domain Scan URL

URL: http://mamakaihou.jimdo.com/%E3%82%BB%E3%83%83%E3%82%B7%E3%83%A7%E3%83%B3%E7%94%B3%E3%81%97%E8%BE%BC%E3%81%BF/
Title: 個別セッションお申込

Search URL Search Domain Scan URL

URL: http://mamakaihou.jimdo.com/%E3%82%BB%E3%83%A9%E3%83%94%E3%82%B9%E3%83%88-%E3%83%97%E3%83%AD%E3%83%95%E3%82%A3%E3%83%BC%E3%83%AB/
Title: プロフィール

Search URL Search Domain Scan URL

URL: http://mamakaihou.jimdo.com/%E3%81%8A%E5%95%8F%E3%81%84%E5%90%88%E3%81%9B/
Title: お問い合わせ

Search URL Search Domain Scan URL

URL: http://ameblo.jp/mama-kaihou/
Title: アメブロ　

Search URL Search Domain Scan URL

URL: https://cms.e.jimdo.com/app/cms/logout.php
Title: ログアウト

Search URL Search Domain Scan URL

URL: https://a.jimdo.com/app/auth/signin/jumpcms/?page=1017669613
Title: 編集

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://jibungenin-motherspower.net/ HTTP 301
https://www.jibungenin-motherspower.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

47 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.jibungenin-motherspower.net/
Redirect Chain

https://jibungenin-motherspower.net/
https://www.jibungenin-motherspower.net/

55 KB
11 KB

292ms
110ms

Document
text/html

54.171.31.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jibungenin-motherspower.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.171.31.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-31-214.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a0240cb3a46ade0c9a987b23c52a8c6d614405dcca526c3d7c646ad525a09c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Host: www.jibungenin-motherspower.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 May 2021 14:44:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-RateLimit-Limit: 8000
X-RateLimit-Remaining: 7999
X-RateLimit-Reset: 0
X-Jimdo-Instance: i-0d1226e6d32790996
X-Jimdo-Wid: s099ef0c3a630ee0b
Cache-Control: no-cache, no-store, must-revalidate
Strict-Transport-Security: max-age=604800
Server: nginx
Content-Encoding: gzip

Redirect headers

Date: Sun, 23 May 2021 14:44:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-RateLimit-Limit: 8000
X-RateLimit-Remaining: 7999
X-RateLimit-Reset: 0
X-Jimdo-Instance: i-0e3f53599ce031436
X-Jimdo-Wid: s099ef0c3a630ee0b
Cache-Control: no-cache, no-store, must-revalidate
Location: https://www.jibungenin-motherspower.net/
Server: nginx

GET
H2 200 web_oldtemplate.css.484168258c63bd4f69a74e0370dc7ab9.css
assets.jimstatic.com/ 210 KB
51 KB 150ms
50ms Stylesheet
text/css 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.jimstatic.com/web_oldtemplate.css.484168258c63bd4f69a74e0370dc7ab9.css
Requested by: Host: www.jibungenin-motherspower.net
URL: https://www.jibungenin-motherspower.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 410923e6cf9b7fc4cbc2f86c227b3056b57e2c3ae5dadf6931501da5978fd868

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:44:20 GMT
content-encoding: gzip
age: 1692754
etag: "405cad3e685876e6b90202dfaac32d48"
x-served-by: cache-lcy19222-LCY, cache-fra19122-FRA
vary: Accept-Encoding
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-timer: S1621781061.700393,VS0,VE0
content-length: 52299
x-cache-hits: 1, 7649

GET
H2 200 ckies.js.c4e80683fb02bdc0ba01.js Show response
assets.jimstatic.com/ 2 KB
1 KB 148ms
50ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.jimstatic.com/ckies.js.c4e80683fb02bdc0ba01.js
Requested by: Host: www.jibungenin-motherspower.net
URL: https://www.jibungenin-motherspower.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c59dab7124ad69703a6bb26c68b9583d2af62169a5992861fc246c8cda479ae0

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:44:20 GMT
content-encoding: gzip
age: 2273858
etag: "f988bb1f56190440cd4813cd934d2b07"
x-served-by: cache-lcy19261-LCY, cache-fra19122-FRA
vary: Accept-Encoding
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-timer: S1621781061.700529,VS0,VE0
content-length: 892
x-cache-hits: 1, 97785

GET
H2 200 cookieControl.js.9e9630cc43daf29b4c14.js Show response
assets.jimstatic.com/ 25 KB
9 KB 146ms
47ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.jimstatic.com/cookieControl.js.9e9630cc43daf29b4c14.js
Requested by: Host: www.jibungenin-motherspower.net
URL: https://www.jibungenin-motherspower.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4ce2882987a4e266f7607c5bfb8d04eada8fea112c1b3547c50c6b2d84316732

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:44:20 GMT
content-encoding: gzip
age: 2273857
etag: "2f9cf4203a8ae9df35834ed934c82efa"
x-served-by: cache-lcy19225-LCY, cache-fra19122-FRA
vary: Accept-Encoding
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-timer: S1621781061.700481,VS0,VE0
content-length: 8501
x-cache-hits: 1, 98275

GET
H2 200 main.css
u.jimcdn.com/cms/o/s099ef0c3a630ee0b/userlayout/css/ 5 KB
964 B 203ms
104ms Stylesheet
text/css 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://u.jimcdn.com/cms/o/s099ef0c3a630ee0b/userlayout/css/main.css?t=1621584409

Requested by

Host: www.jibungenin-motherspower.net
URL: https://www.jibungenin-motherspower.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e8a715428ef6bb3e8bbd7fea18a3fbaa3ead167b31d9754b34211ede76495a18

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:44:20 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 0
x-cache: MISS
content-length: 730
x-served-by: cache-fra19171-FRA
access-control-allow-origin: *
server: nginx
x-timer: S1621781061.701819,VS0,VE57
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
via: 1.1 varnish
cache-control: public, max-age=691200
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 layout.css
u.jimcdn.com/cms/o/s099ef0c3a630ee0b/userlayout/css/ 3 KB
1 KB 257ms
158ms Stylesheet
text/css 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://u.jimcdn.com/cms/o/s099ef0c3a630ee0b/userlayout/css/layout.css?t=1581828929

Requested by

Host: www.jibungenin-motherspower.net
URL: https://www.jibungenin-motherspower.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0b3790780fe18444af4aaa22b79c53991de4250bba785308161f38a72da2fa52

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:44:20 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 0
x-cache: MISS
content-length: 1227
x-served-by: cache-fra19171-FRA
access-control-allow-origin: *
server: nginx
x-timer: S1621781061.701868,VS0,VE110
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
via: 1.1 varnish
cache-control: public, max-age=691200
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 font.css
u.jimcdn.com/cms/o/s099ef0c3a630ee0b/userlayout/css/ 1003 B
515 B 210ms
112ms Stylesheet
text/css 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://u.jimcdn.com/cms/o/s099ef0c3a630ee0b/userlayout/css/font.css?t=1621584409

Requested by

Host: www.jibungenin-motherspower.net
URL: https://www.jibungenin-motherspower.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

675cb7ae5114d3050ec7c458ccd198e67cb319c462bdb50f6265385c4cc7e521

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:44:20 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 0
x-cache: MISS
content-length: 452
x-served-by: cache-fra19171-FRA
access-control-allow-origin: *
server: nginx
x-timer: S1621781061.702075,VS0,VE64
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
via: 1.1 varnish
cache-control: public, max-age=691200
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 web.js.61a4a2fa8f7897743282.js Show response
assets.jimstatic.com/ 694 KB
228 KB 51ms
51ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.jimstatic.com/web.js.61a4a2fa8f7897743282.js
Requested by: Host: www.jibungenin-motherspower.net
URL: https://www.jibungenin-motherspower.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 51af4d47cef5418904d16d2379a1ba8ed91694f66634275758535db717c8a1ee

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:44:20 GMT
content-encoding: gzip
age: 2273857
etag: "83ebc5dd196c3201486f76c0cfa87907"
x-served-by: cache-lcy19251-LCY, cache-fra19122-FRA
vary: Accept-Encoding
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-timer: S1621781061.818483,VS0,VE0
content-length: 233125
x-cache-hits: 1, 4797

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 43ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.jibungenin-motherspower.net
URL: https://www.jibungenin-motherspower.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47950
x-xss-protection: 0
server: cafe
etag: 4501822382306722350
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 23 May 2021 14:44:20 GMT

GET
H2 200 shibogi.jpg
u.jimcdn.com/cms/o/s099ef0c3a630ee0b/userlayout/img/ 164 KB
164 KB 177ms
176ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.jimcdn.com/cms/o/s099ef0c3a630ee0b/userlayout/img/shibogi.jpg?t=1321848508
Requested by: Host: www.jibungenin-motherspower.net
URL: https://www.jibungenin-motherspower.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5af8a47609abd0b7506bf4cee6a80328b122cd244e33f138620039ca76581ea9

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:44:20 GMT
via: 1.1 varnish
last-modified: Sun, 23 May 2021 14:44:20 GMT
server: nginx
age: 0
etag: "60aa6a44-28e9d"
x-served-by: cache-fra19171-FRA
x-cache: MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=691200
accept-ranges: bytes
x-timer: S1621781061.871668,VS0,VE128
content-length: 167581
x-cache-hits: 0

GET
H2 200 image.jpg
image.jimcdn.com/app/cms/image/transf/none/path/s099ef0c3a630ee0b/image/i939697374e896a1e/version/1487910816/ 8 KB
8 KB 201ms
98ms Image
image/jpeg 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.jimcdn.com/app/cms/image/transf/none/path/s099ef0c3a630ee0b/image/i939697374e896a1e/version/1487910816/image.jpg
Requested by: Host: www.jibungenin-motherspower.net
URL: https://www.jibungenin-motherspower.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4705f3d71d794a43d4b00909131aa7b15001e25e531832a8136c7abdee7aeff3

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 6bOdzeQOmULiVZI9LwQ2.C_JUVHJ0IlX
via: 1.1 varnish, 1.1 varnish
etag: "a16a82cfa7648fef6b4a80dc9c1e6129"
age: 0
x-cache: HIT, MISS
content-disposition: inline; filename*=UTF-8''1487910816.jpg
fastly-restarts: 1
x-amz-id-2: iCxSZumfdlg62p3XHF9LDv8DiX7hEWeMcutK49m9OWr2ukNChV4SB0dxhrKCsUWST/Qf7W1uI4o=
x-served-by: cache-lcy19273-LCY, cache-hhn4023-HHN
accept-ranges: bytes
last-modified: Fri, 24 Feb 2017 04:33:31 GMT
server: AmazonS3
x-timer: S1621781061.975555,VS0,VE18
date: Sun, 23 May 2021 14:44:20 GMT
x-amz-request-id: 4KTRCD7M5KPC6K25
access-control-allow-origin: *
expires: Thu, 27 May 2021 14:40:22 GMT
content-length: 8020
content-type: image/jpeg
x-cache-hits: 1, 0

GET
H2 200 image.jpg
image.jimcdn.com/app/cms/image/transf/dimension=520x10000:format=jpg/path/s099ef0c3a630ee0b/image/i6267850210133b9a/version/1346738915/ 51 KB
51 KB 153ms
50ms Image
image/jpeg 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.jimcdn.com/app/cms/image/transf/dimension=520x10000:format=jpg/path/s099ef0c3a630ee0b/image/i6267850210133b9a/version/1346738915/image.jpg
Requested by: Host: www.jibungenin-motherspower.net
URL: https://www.jibungenin-motherspower.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Thumbor/6.1.3 /
Resource Hash: cac61b59f65cf719028eac8c34928a3b32f205c74537626c061c6122227eb0fe

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:44:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 1973933
x-cache: HIT, HIT
x-cache-hits: 1, 1
fastly-restarts: 1
x-served-by: cache-lcy19227-LCY, cache-hhn4023-HHN
accept-ranges: bytes
server: Thumbor/6.1.3
x-timer: S1621781061.975581,VS0,VE1
etag: "694adcacaa57cc79749d75604c57656ddaa5081e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2678400,public
content-length: 52319
expires: Mon, 31 May 2021 18:25:27 GMT

GET
H2 200 bkg.gif
u.jimcdn.com/cms/o/s099ef0c3a630ee0b/userlayout/img/ 412 B
517 B 157ms
156ms Image
image/gif 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.jimcdn.com/cms/o/s099ef0c3a630ee0b/userlayout/img/bkg.gif?t=1323102430
Requested by: Host: u.jimcdn.com
URL: https://u.jimcdn.com/cms/o/s099ef0c3a630ee0b/userlayout/css/layout.css?t=1581828929
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 37e9aa98f7e6196cbdd291526c9ed980b3d81b154e5233f21bb6a7f8469341a6

Request headers

Referer: https://u.jimcdn.com/cms/o/s099ef0c3a630ee0b/userlayout/css/layout.css?t=1581828929
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:44:20 GMT
via: 1.1 varnish
last-modified: Sun, 23 May 2021 14:44:20 GMT
server: nginx
age: 0
etag: "60aa6a44-19c"
x-served-by: cache-fra19171-FRA
x-cache: MISS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=691200
accept-ranges: bytes
x-timer: S1621781061.874064,VS0,VE109
content-length: 412
x-cache-hits: 0

GET
H2 200 ga.js Show response
www.google-analytics.com/ 45 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.jibungenin-motherspower.net
URL: https://www.jibungenin-motherspower.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6593
date: Sun, 23 May 2021 12:54:28 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sun, 23 May 2021 14:54:28 GMT

GET
H2 200 footer-bg.gif
u.jimcdn.com/cms/o/s099ef0c3a630ee0b/userlayout/img/ 58 B
177 B 153ms
153ms Image
image/gif 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.jimcdn.com/cms/o/s099ef0c3a630ee0b/userlayout/img/footer-bg.gif?t=1321847611
Requested by: Host: u.jimcdn.com
URL: https://u.jimcdn.com/cms/o/s099ef0c3a630ee0b/userlayout/css/layout.css?t=1581828929
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e49c610296984d4dbcd1d1ecc632cede01c6840912eacc5bb099270ccd0677ba

Request headers

Referer: https://u.jimcdn.com/cms/o/s099ef0c3a630ee0b/userlayout/css/layout.css?t=1581828929
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:44:21 GMT
via: 1.1 varnish
last-modified: Sun, 23 May 2021 14:44:21 GMT
server: nginx
age: 0
etag: "60aa6a45-3a"
x-served-by: cache-fra19171-FRA
x-cache: MISS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=691200
accept-ranges: bytes
x-timer: S1621781061.090860,VS0,VE105
content-length: 58
x-cache-hits: 0

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ 231 KB
85 KB 45ms
31ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3307574940271066&plah=www.jibungenin-motherspower.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87252
x-xss-protection: 0
server: cafe
etag: 5322897297824761394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 23 May 2021 14:44:21 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/ Frame 31B1 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210517/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jibungenin-motherspower.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jibungenin-motherspower.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 22 May 2021 22:33:52 GMT
expires: Sat, 05 Jun 2021 22:33:52 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 58229
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 103.c94dd2bb61365e272f6b.js Show response
assets.jimstatic.com/ 87 KB
31 KB 49ms
48ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.jimstatic.com/103.c94dd2bb61365e272f6b.js
Requested by: Host: assets.jimstatic.com
URL: https://assets.jimstatic.com/web.js.61a4a2fa8f7897743282.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4a460317839143af0b207e2af78aac42cf10749bc978725814f8b3f008d0d46f

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:44:21 GMT
content-encoding: gzip
age: 1346118
etag: "a8784c594647452dbf10249f4bb56959"
x-served-by: cache-lcy19237-LCY, cache-fra19122-FRA
vary: Accept-Encoding
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-timer: S1621781061.174350,VS0,VE0
content-length: 31398
x-cache-hits: 1, 4

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
99 B 34ms
14ms Image
image/gif 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1507993940&utmhn=www.jibungenin-motherspower.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E3%83%9B%E3%83%BC%E3%83%A0%20-%20100%25%20%E8%87%AA%E5%88%86%E5%8E%9F%E5%9B%A0%E8%AA%AC%E3%80%80%E8%92%BC%E6%B5%B7%E3%81%AA%E3%81%8A%E3%81%BF%E3%83%9B%E3%83%BC%E3%83%A0%E3%83%9A%E3%83%BC%E3%82%B8&utmhid=1413282738&utmr=-&utmp=%2F&utmht=1621781061185&utmac=UA-139049329-1&utmcc=__utma%3D138656552.1194033827.1621781061.1621781061.1621781061.1%3B%2B__utmz%3D138656552.1621781061.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=671060333&utmredir=1&utmu=qAQgAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.jibungenin-motherspower.net
URL: https://www.jibungenin-motherspower.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 14:44:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
400 B 34ms
13ms Image
image/gif 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=148112005&utmhn=www.jibungenin-motherspower.net&utme=8(websiteid)9(s099ef0c3a630ee0b)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E3%83%9B%E3%83%BC%E3%83%A0%20-%20100%25%20%E8%87%AA%E5%88%86%E5%8E%9F%E5%9B%A0%E8%AA%AC%E3%80%80%E8%92%BC%E6%B5%B7%E3%81%AA%E3%81%8A%E3%81%BF%E3%83%9B%E3%83%BC%E3%83%A0%E3%83%9A%E3%83%BC%E3%82%B8&utmhid=1413282738&utmr=-&utmp=%2F&utmht=1621781061192&utmac=UA-24207326-24&utmcc=__utma%3D138656552.1194033827.1621781061.1621781061.1621781061.1%3B%2B__utmz%3D138656552.1621781061.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=330287067&utmredir=1&utmmt=1&utmu=qxQgAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.jibungenin-motherspower.net
URL: https://www.jibungenin-motherspower.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 14:44:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 217 B
652 B 304ms
179ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.jibungenin-motherspower.net&callback=_gfp_s_&client=ca-pub-3307574940271066

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3307574940271066&plah=www.jibungenin-motherspower.net&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

00a382a9735fab47fd7280d184095b43abfe641ae7104022a171314a5cce5a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 35ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.jibungenin-motherspower.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 23 May 2021 14:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 34ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.jibungenin-motherspower.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 23 May 2021 14:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 085C 0
19 B 104ms
89ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3307574940271066&output=html&adk=1261505796&adf=3692917392&lmt=1621781061&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.jibungenin-motherspower.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621781061083&bpp=4&bdt=505&idt=118&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4297526866928&frm=20&pv=2&ga_vid=1194033827.1621781061&ga_sid=1621781061&ga_hid=1413282738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=138645943595613&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=135

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3307574940271066&output=html&adk=1261505796&adf=3692917392&lmt=1621781061&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.jibungenin-motherspower.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621781061083&bpp=4&bdt=505&idt=118&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4297526866928&frm=20&pv=2&ga_vid=1194033827.1621781061&ga_sid=1621781061&ga_hid=1413282738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=138645943595613&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=135
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jibungenin-motherspower.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jibungenin-motherspower.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 23 May 2021 14:44:21 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 23-May-2021 14:59:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 23 May 2021 14:44:21 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df2fd5c8b3681147087fa7506cef9c982c18edf99729a4412e41af2f98fe0b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621597303326658"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27994
x-xss-protection: 0
expires: Sun, 23 May 2021 14:44:21 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D992 114 KB
36 KB 269ms
262ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3307574940271066&output=html&h=280&slotname=1169246637&adk=3992469774&adf=2330303964&pi=t.ma~as.1169246637&w=520&fwrn=4&fwrnh=100&lmt=1621781061&rafmt=1&psa=0&format=520x280&url=https%3A%2F%2Fwww.jibungenin-motherspower.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621781061087&bpp=3&bdt=510&idt=135&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4297526866928&frm=20&pv=1&ga_vid=1194033827.1621781061&ga_sid=1621781061&ga_hid=1413282738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=675&ady=3049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=138645943595613&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4nTf23PVEH&p=https%3A//www.jibungenin-motherspower.net&dtd=140

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c655e498384cbfbe36f656a70708654c8f5a7f494adf58ebed6362747aae214b

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8524266731230535703/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8524266731230535703/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLSHvaCF4PACFVH47Qodl9IKVw&gqi=RWqqYJGPD8-qtwfrlYKoCg&layout=/sadbundle/%24csp%253Der3%24/8524266731230535703/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3307574940271066&output=html&h=280&slotname=1169246637&adk=3992469774&adf=2330303964&pi=t.ma~as.1169246637&w=520&fwrn=4&fwrnh=100&lmt=1621781061&rafmt=1&psa=0&format=520x280&url=https%3A%2F%2Fwww.jibungenin-motherspower.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621781061087&bpp=3&bdt=510&idt=135&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4297526866928&frm=20&pv=1&ga_vid=1194033827.1621781061&ga_sid=1621781061&ga_hid=1413282738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=675&ady=3049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=138645943595613&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4nTf23PVEH&p=https%3A//www.jibungenin-motherspower.net&dtd=140
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jibungenin-motherspower.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jibungenin-motherspower.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8524266731230535703/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8524266731230535703/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLSHvaCF4PACFVH47Qodl9IKVw&gqi=RWqqYJGPD8-qtwfrlYKoCg&layout=/sadbundle/%24csp%253Der3%24/8524266731230535703/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 23 May 2021 14:44:21 GMT
server: cafe
content-length: 37194
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 23-May-2021 14:59:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 23 May 2021 14:44:21 GMT
cache-control: private

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame D992 67 B
533 B 26ms
6ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3307574940271066&output=html&h=280&slotname=1169246637&adk=3992469774&adf=2330303964&pi=t.ma~as.1169246637&w=520&fwrn=4&fwrnh=100&lmt=1621781061&rafmt=1&psa=0&format=520x280&url=https%3A%2F%2Fwww.jibungenin-motherspower.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621781061087&bpp=3&bdt=510&idt=135&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4297526866928&frm=20&pv=1&ga_vid=1194033827.1621781061&ga_sid=1621781061&ga_hid=1413282738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=675&ady=3049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=138645943595613&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4nTf23PVEH&p=https%3A//www.jibungenin-motherspower.net&dtd=140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 23 May 2021 01:32:03 GMT
x-content-type-options: nosniff
server: cafe
age: 47538
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Mon, 24 May 2021 01:32:03 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8524266731230535703/ Frame 414C 67 KB
16 KB 22ms
8ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8524266731230535703/index.html

Requested by

Host: www.jibungenin-motherspower.net
URL: https://www.jibungenin-motherspower.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74b28361e2317a02249ccd2754d5aa367a812f743adc39af684398d5ea3b708f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/8524266731230535703/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 17 May 2021 13:14:12 GMT
expires: Tue, 17 May 2022 13:14:12 GMT
last-modified: Wed, 12 May 2021 08:21:03 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 16852
age: 523809
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 18A0 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxeCfRWqqYPTQD9HwtweXpau4BZHW3-dipYDujtMN6_D-gMckEAEgptKJa2CVAqAB4J7E-APIAQmpAm-hncQFcLQ-qAMByANIqgTaAU_QjT3LJqjVOLQcGNEosfnA0m1YbiYOzeLEI7lH7xs7NnOVpTKatEClfAOwPhdX5ghdb5qBtGna_241QUaq_fiZGPr8js0GFeeIOb5CRkMgte7RLJkU4_kgLs_Z5Iu0kIBM9VUnWKzewm_ILw47QvrtrOgQUJs5xh3hfnEPVNSRdbp9O-N3AMc2F_ElEFySU86DTQ0RPlfPdcFmv90Yq1G9QbSIS4bEFxRB_4MCvCKS0U1DviBtekWidySBrzkjF_XBnS0FE5c0xotVErEHiBqbAMM7hBwoocVSwATgoZqWwAOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHx8D2AqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCK1QrSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGYFgGAFwGyFxoKGAgAEhRwdWItMzMwNzU3NDk0MDI3MTA2Ng&sigh=0KhuKeIOS6k&template_id=419

Requested by

Host: www.jibungenin-motherspower.net
URL: https://www.jibungenin-motherspower.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3307574940271066&output=html&h=280&slotname=1169246637&adk=3992469774&adf=2330303964&pi=t.ma~as.1169246637&w=520&fwrn=4&fwrnh=100&lmt=1621781061&rafmt=1&psa=0&format=520x280&url=https%3A%2F%2Fwww.jibungenin-motherspower.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621781061087&bpp=3&bdt=510&idt=135&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4297526866928&frm=20&pv=1&ga_vid=1194033827.1621781061&ga_sid=1621781061&ga_hid=1413282738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=675&ady=3049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=138645943595613&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4nTf23PVEH&p=https%3A//www.jibungenin-motherspower.net&dtd=140
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 23 May 2021 14:44:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 23 May 2021 14:44:21 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 18A0 17 KB
7 KB 18ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7009
x-xss-protection: 0
server: cafe
etag: 607056201285360291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Jun 2021 14:43:40 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 18A0 2 KB
1 KB 22ms
11ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Jun 2021 14:44:13 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 18A0 119 KB
36 KB 28ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a4e15e0a382cdbfe1d63cbd77a59ce2f67660b54e926fbebc97fe0b7cebf869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621597309435250"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37145
x-xss-protection: 0
expires: Sun, 23 May 2021 14:44:21 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 18A0 13 KB
6 KB 18ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Jun 2021 14:38:23 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DA73 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3307574940271066&output=html&h=280&slotname=1169246637&adk=3992469774&adf=2330303964&pi=t.ma~as.1169246637&w=520&fwrn=4&fwrnh=100&lmt=1621781061&rafmt=1&psa=0&format=520x280&url=https%3A%2F%2Fwww.jibungenin-motherspower.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621781061087&bpp=3&bdt=510&idt=135&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4297526866928&frm=20&pv=1&ga_vid=1194033827.1621781061&ga_sid=1621781061&ga_hid=1413282738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=675&ady=3049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=138645943595613&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4nTf23PVEH&p=https%3A//www.jibungenin-motherspower.net&dtd=140
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3307574940271066&output=html&h=280&slotname=1169246637&adk=3992469774&adf=2330303964&pi=t.ma~as.1169246637&w=520&fwrn=4&fwrnh=100&lmt=1621781061&rafmt=1&psa=0&format=520x280&url=https%3A%2F%2Fwww.jibungenin-motherspower.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621781061087&bpp=3&bdt=510&idt=135&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4297526866928&frm=20&pv=1&ga_vid=1194033827.1621781061&ga_sid=1621781061&ga_hid=1413282738&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=675&ady=3049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=138645943595613&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4nTf23PVEH&p=https%3A//www.jibungenin-motherspower.net&dtd=140

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 23 May 2021 13:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2831
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 414C 16 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8524266731230535703/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 23:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 23 May 2021 23:54:49 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 414C 26 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8524266731230535703/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 23 May 2021 23:11:01 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DA73
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlbgP4iaqQuTQHDOrH8G5bFdoGNJG-SeFt5HsrwENooL-tYtbSlEhRsntVTrbk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 23 May 2021 14:44:21 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 23-May-2021 15:44:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 23 May 2021 14:44:21 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 23 May 2021 14:44:21 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 18A0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b322bfbd62e7a06bd148f1822b962611541c521141e277eb84747dcc19bd46f1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Show response
pagead2.googlesyndication.com/bg/ Frame 414C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 17:51:02 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 75199
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5784
x-xss-protection: 0
expires: Sun, 22 May 2022 17:51:02 GMT

GET
H3-29 200 Buchen.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8524266731230535703/ Frame 414C 1 KB
1 KB 8ms
8ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8524266731230535703/Buchen.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfb449d09dc4ee8bbffd86e21b831f45696a8a2d8a228462dbbacdae3f317d6c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 523809
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
last-modified: Wed, 12 May 2021 08:21:03 GMT
server: sffe
date: Mon, 17 May 2021 13:14:12 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 13:14:12 GMT

GET
H3-29 200 BM_Logo_RGB_3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8524266731230535703/ Frame 414C 22 KB
22 KB 11ms
11ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8524266731230535703/BM_Logo_RGB_3.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af80c5f740d87f23a4dfba032163da333d0726400e3e466498ec6db371cccbeb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 523809
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22623
x-xss-protection: 0
last-modified: Wed, 12 May 2021 08:21:03 GMT
server: sffe
date: Mon, 17 May 2021 13:14:12 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 13:14:12 GMT

GET
H3-29 200 250x300.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8524266731230535703/ Frame 414C 46 KB
46 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8524266731230535703/250x300.jpg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51fe96a9d684fe8d2b11a58f8a1c7e6b89eaf70e9e6c6906ae1f31015682f86f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 523809
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46990
x-xss-protection: 0
last-modified: Wed, 12 May 2021 08:21:03 GMT
server: sffe
date: Mon, 17 May 2021 13:14:12 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 13:14:12 GMT

GET
H/1.1 200
OK loginstate Show response
a.jimdo.com/app/web/ 64 B
262 B 266ms
68ms Script
application/javascript 34.252.189.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.jimdo.com/app/web/loginstate?callback=jQuery112008791607199892826_1621781061119&owi=s099ef0c3a630ee0b&_=1621781061120

Requested by

Host: assets.jimstatic.com
URL: https://assets.jimstatic.com/web.js.61a4a2fa8f7897743282.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.189.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-189-87.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

806bfb33e5cce2672e53eda5587cea95d71fd399dd660500554de738efce8845

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 May 2021 14:44:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 64
Strict-Transport-Security: max-age=10886400
Content-Type: application/javascript

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 41ms
28ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8623b902c8f09977c8e40ec40dcdc584874a158e4ecb4b8e916c638bd2b25a85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 23 May 2021 14:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8277
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 14:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 23 May 2021 14:44:21 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 0AC0 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jibungenin-motherspower.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jibungenin-motherspower.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 23 May 2021 13:19:20 GMT
expires: Mon, 23 May 2022 13:19:20 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5101
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Show response
pagead2.googlesyndication.com/bg/ Frame 0AC0 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 17:51:02 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 75199
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5784
x-xss-protection: 0
expires: Sun, 22 May 2022 17:51:02 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=138645943595613&bg=!SUqlSg7NAAZ7hX_Ue4U7ACkAdvg8WlUyLHFye8mCpf0YyIqyXpCKD0YP64fM12GHqMUTF5B64quMVwIAAABQUgAAAA1oAQcKAJzY4aubt7TLTfSolfBQJzF0WJjBI7O3rxSPrWL1LLZv97GueQ9slziJJbfllU33yHAuXPvYRZwXK3mgkN-9uglpZo4DNjHruZGGJ6sqcvP0ZxT5BgoecFuhK0ZjMXPh6Y13bg-HVYZ5kqJoEriPA-X2mcwqjOuNe2qjox3V7KY9-DeXDzhmjLkv0SCQCrEgbLR3Rc_hLhxLv7MOtDiZAmLMnIRKfCsdxOZpbZlntvbyay6UUoA5DjYD00cAB23gMMPHARuTxZmGbRKISqD4uvhXvuPC9GoNJQrj4KAsyiVhnpkxB9bTK51kTA796UE7nuM5EY7MlWxDgZC3yWUiOOLwAynLtORWfYElJ64MFAIJCQ4bUQCSAXXfLe33xla6RsRmp1Jsa4WV_w7WkYDn48_jtDORv4DIpqS0pNIWMaAt0ZZ8N7_xK0SngKj-VFqHH0B2-tz4UAxB0Ex7o3J-E6V2FVHK3YLH6Thvyasfq92S2hX1WLlO1ccDzHFm0ny-xZcZfsYLS9NUMFgLdRw_4DTu_h7RW5r8OtIhOGWObv2UnDyIgOkY40rq32agzmih00GTDjCM1zF1Qp57BiDy23ko9wV96374JC9WDafbp4-gpXdTI2SpycZukZzhU4IJFsL2asjwpNHwrEscuFB5rjv7nzgzDu5mgNvo3XOd-AYJa7UcbCrJ_6NF2wPdsjLERprSOYrEfDYIKLWvjV9-5gpQkYt3UOVOawaYmGFFzDKyyBkR4OEDJ0ORLlj9-IullEZY-K-H-y3iB-uTf-n3jb4cgttDS97HI-gmKtuU6fXujcSiDET---NmhPeLIA4tgA4-2FLvkh_AKxY9_QJttqvLl7-VOzhdT4HidI5pTtI6e1EMR7xE0xy0BQcDDf0PviI8k_LOQ0N6pEyO_jtIiarHG4kUuq3kW8GFVA7-JZ_9DzE3dovlCmwGUQGYFu33PdL5g3-AwLK7ULelCnzlbK5QWNHA2AtV3F6upCQeynyrnP_OofhEEm3o76pTCndbY3HM

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jibungenin-motherspower.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 14:44:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 18:29:44	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 03:51:17	Name: IDE Value: AHWqTUlbgP4iaqQuTQHDOrH8G5bFdoGNJG-SeFt5HsrwENooL-tYtbSlEhRsntVTrbk
www.jibungenin-motherspower.net/	1970-01-20 12:00:53	Name: __utma Value: 138656552.1194033827.1621781061.1621781061.1621781061.1
www.jibungenin-motherspower.net/	1970-01-19 18:29:41	Name: __utmt_b Value: 1
.jibungenin-motherspower.net/	1970-01-20 03:51:17	Name: __gads Value: ID=e28d40504dfc6d6f-22c037301bc800d0:T=1621781061:RT=1621781061:S=ALNI_MZezXOtj6pcUrd6cgnuE5-YpOXy1A
www.jibungenin-motherspower.net/	1970-01-19 22:52:29	Name: __utmz Value: 138656552.1621781061.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.jibungenin-motherspower.net/	1970-01-19 18:29:42	Name: __utmb Value: 138656552.1.10.1621781061
.jibungenin-motherspower.net/	1970-01-20 12:00:53	Name: __utma Value: 138656552.1194033827.1621781061.1621781061.1621781061.1
.jibungenin-motherspower.net/	1970-01-19 18:29:41	Name: __utmt_a Value: 1
.jibungenin-motherspower.net/	1970-01-19 22:52:29	Name: __utmz Value: 138656552.1621781061.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
www.jibungenin-motherspower.net/	1969-12-31 23:59:59	Name: __utmc Value: 138656552
.jibungenin-motherspower.net/	1969-12-31 23:59:59	Name: __utmc Value: 138656552
www.jibungenin-motherspower.net/	1970-01-19 18:29:42	Name: __utmb Value: 138656552.2.10.1621781061

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=604800

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.jimdo.com
adservice.google.com
adservice.google.de
assets.jimstatic.com
googleads.g.doubleclick.net
image.jimcdn.com
jibungenin-motherspower.net
pagead2.googlesyndication.com
partner.googleadservices.com
ssl.google-analytics.com
tpc.googlesyndication.com
u.jimcdn.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.jibungenin-motherspower.net
151.101.114.2
151.101.14.2
172.217.23.98
2a00:1450:4001:800::2008
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82f::2002
34.252.189.87
34.252.224.184
54.171.31.214
00a382a9735fab47fd7280d184095b43abfe641ae7104022a171314a5cce5a89
0a4e15e0a382cdbfe1d63cbd77a59ce2f67660b54e926fbebc97fe0b7cebf869
0b3790780fe18444af4aaa22b79c53991de4250bba785308161f38a72da2fa52
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
37e9aa98f7e6196cbdd291526c9ed980b3d81b154e5233f21bb6a7f8469341a6
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
410923e6cf9b7fc4cbc2f86c227b3056b57e2c3ae5dadf6931501da5978fd868
4705f3d71d794a43d4b00909131aa7b15001e25e531832a8136c7abdee7aeff3
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
4a460317839143af0b207e2af78aac42cf10749bc978725814f8b3f008d0d46f
4ce2882987a4e266f7607c5bfb8d04eada8fea112c1b3547c50c6b2d84316732
4df2fd5c8b3681147087fa7506cef9c982c18edf99729a4412e41af2f98fe0b3
51af4d47cef5418904d16d2379a1ba8ed91694f66634275758535db717c8a1ee
51fe96a9d684fe8d2b11a58f8a1c7e6b89eaf70e9e6c6906ae1f31015682f86f
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5af8a47609abd0b7506bf4cee6a80328b122cd244e33f138620039ca76581ea9
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188
675cb7ae5114d3050ec7c458ccd198e67cb319c462bdb50f6265385c4cc7e521
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74b28361e2317a02249ccd2754d5aa367a812f743adc39af684398d5ea3b708f
806bfb33e5cce2672e53eda5587cea95d71fd399dd660500554de738efce8845
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8623b902c8f09977c8e40ec40dcdc584874a158e4ecb4b8e916c638bd2b25a85
8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
a0240cb3a46ade0c9a987b23c52a8c6d614405dcca526c3d7c646ad525a09c77
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
af80c5f740d87f23a4dfba032163da333d0726400e3e466498ec6db371cccbeb
b322bfbd62e7a06bd148f1822b962611541c521141e277eb84747dcc19bd46f1
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bfb449d09dc4ee8bbffd86e21b831f45696a8a2d8a228462dbbacdae3f317d6c
c59dab7124ad69703a6bb26c68b9583d2af62169a5992861fc246c8cda479ae0
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c655e498384cbfbe36f656a70708654c8f5a7f494adf58ebed6362747aae214b
cac61b59f65cf719028eac8c34928a3b32f205c74537626c061c6122227eb0fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49c610296984d4dbcd1d1ecc632cede01c6840912eacc5bb099270ccd0677ba
e8a715428ef6bb3e8bbd7fea18a3fbaa3ead167b31d9754b34211ede76495a18

www.jibungenin-motherspower.net Open in urlscan Pro 54.171.31.214 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

60 %IPv6

11 Domains

16 Subdomains

14 IPs

3 Countries

961 kBTransfer

2311 kBSize

13 Cookies

8 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.jibungenin-motherspower.net Open in urlscan Pro
54.171.31.214 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

60 %
IPv6

11
Domains

16
Subdomains

14
IPs

3
Countries

961 kB
Transfer

2311 kB
Size

13
Cookies

47 HTTP transactions
1 data transactions