crescent-star.jugem.jp Open in urlscan Pro
35.75.154.223 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://crescent-star.jugem.jp/
Submission: On June 30 via api (June 30th 2023, 3:12:16 pm UTC) from US — Scanned from US

Summary HTTP 422 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 86 IPs in 10 countries across 91 domains to perform 422 HTTP transactions. The main IP is 35.75.154.223, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is crescent-star.jugem.jp.

This is the only time crescent-star.jugem.jp was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: JR East (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 4	35.75.154.223 35.75.154.223	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:254... 2600:9000:254a:1000:13:9454:1700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.160.181.58 18.160.181.58	16509 (AMAZON-02) (AMAZON-02)
10	2607:f8b0:402... 2607:f8b0:4020:805::2002	15169 (GOOGLE) (GOOGLE)
5	157.7.107.75 157.7.107.75	7506 (INTERQ GM...) (INTERQ GMO Internet)
1	133.237.60.111 133.237.60.111	23820 (RAKUTEN R...) (RAKUTEN Rakuten Group)
23	2606:2800:220... 2606:2800:220:131d:1d30:1f1d:238b:1e56	15133 (EDGECAST) (EDGECAST)
1	2600:9000:254... 2600:9000:254a:1a00:1d:8805:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:1be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:254... 2600:9000:254a:400:13:9454:1700:93a1	16509 (AMAZON-02) (AMAZON-02)
6 12	54.230.202.56 54.230.202.56	16509 (AMAZON-02) (AMAZON-02)
1 2	52.197.128.148 52.197.128.148	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:9000:21f... 2600:9000:21fa:8a00:18:99a3:d800:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	2600:9000:21f... 2600:9000:21fa:2200:18:99a3:d800:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	18.160.92.44 18.160.92.44	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:402... 2607:f8b0:4020:805::200e	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
3	34.160.89.38 34.160.89.38	15169 (GOOGLE) (GOOGLE)
1	18.160.97.132 18.160.97.132	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	13.113.171.214 13.113.171.214	16509 (AMAZON-02) (AMAZON-02)
1	35.213.115.3 35.213.115.3	15169 (GOOGLE) (GOOGLE)
1	104.36.115.111 104.36.115.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6	18.160.96.104 18.160.96.104	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:100:a001... 2620:100:a001::18	19750 (AS-CRITEO) (AS-CRITEO)
6	2602:803:c002... 2602:803:c002:200::43	26667 (RUBICONPR...) (RUBICONPROJECT)
8 14	35.213.109.249 35.213.109.249	15169 (GOOGLE) (GOOGLE)
1	34.225.41.163 34.225.41.163	14618 (AMAZON-AES) (AMAZON-AES)
2	104.18.24.185 104.18.24.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	202.241.208.100 202.241.208.100	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
8 15	68.67.179.113 68.67.179.113	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::9b	15169 (GOOGLE) (GOOGLE)
15	2a04:4e42:600... 2a04:4e42:600::272	54113 (FASTLY) (FASTLY)
2 14	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
7	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
3	23.197.184.187 23.197.184.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2600:9000:21f... 2600:9000:21fa:5a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	64.202.112.191 64.202.112.191	23352 (SERVERCEN...) (SERVERCENTRAL)
7 30	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 9	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	23.105.12.159 23.105.12.159	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
6	104.102.111.7 104.102.111.7	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2607:f8b0:402... 2607:f8b0:4020:806::2001	15169 (GOOGLE) (GOOGLE)
1 3	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
10 10	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
30 42	142.250.64.66 142.250.64.66	15169 (GOOGLE) (GOOGLE)
7 7	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1 1	35.211.118.13 35.211.118.13	15169 (GOOGLE) (GOOGLE)
4 5	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	34.197.223.55 34.197.223.55	14618 (AMAZON-AES) (AMAZON-AES)
2 5	2600:1f18:4e9... 2600:1f18:4e9:5a02:71d0:2e3a:4d87:7371	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.232.39.3 34.232.39.3	14618 (AMAZON-AES) (AMAZON-AES)
7 10	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	199.38.167.131 199.38.167.131	54312 (ROCKETFUEL) (ROCKETFUEL)
9	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
8 8	54.145.44.246 54.145.44.246	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2603:c020:400... 2603:c020:400d:3000:f50:982a:7877:65bd	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 1	23.105.12.173 23.105.12.173	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1 1	216.200.232.249 216.200.232.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 18	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	8.18.47.7 8.18.47.7	398989 (DEEPINTENT) (DEEPINTENT)
1 1	2620:116:800b... 2620:116:800b:21:a021:b886:81cc:55cf	14618 (AMAZON-AES) (AMAZON-AES)
3 3	72.251.229.176 72.251.229.176	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
3 3	34.230.250.86 34.230.250.86	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.202.56.4 52.202.56.4	14618 (AMAZON-AES) (AMAZON-AES)
2 3	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	69.90.254.78 69.90.254.78	13768 (COGECO-PEER1) (COGECO-PEER1)
4	34.149.40.38 34.149.40.38	15169 (GOOGLE) (GOOGLE)
3 12	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1 2	34.196.240.12 34.196.240.12	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.150.170.96 34.150.170.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
3	162.248.18.34 162.248.18.34	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	2606:ae80:145... 2606:ae80:1451:21::410	25751 (VALUECLICK) (VALUECLICK)
2	3.214.222.87 3.214.222.87	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.72.194.129 52.72.194.129	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2606:4700:20:... 2606:4700:20::681a:832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.161.213.5 35.161.213.5	16509 (AMAZON-02) (AMAZON-02)
2 2	207.198.113.88 207.198.113.88	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	185.167.164.37 185.167.164.37	198622 (ADFORM) (ADFORM)
1	54.239.33.159 54.239.33.159	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	104.104.111.6 104.104.111.6	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
12	2607:f8b0:402... 2607:f8b0:4020:804::2002	15169 (GOOGLE) (GOOGLE)
62	2607:f8b0:402... 2607:f8b0:4020:807::2002	15169 (GOOGLE) (GOOGLE)
24	2607:f8b0:402... 2607:f8b0:4020:807::2001	15169 (GOOGLE) (GOOGLE)
2 4	23.52.160.7 23.52.160.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
2	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
2	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1	2600:1400:d::... 2600:1400:d::1721:eea3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	107.178.248.96 107.178.248.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.18.11.47 104.18.11.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.197.184.175 23.197.184.175	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	18.160.96.112 18.160.96.112	16509 (AMAZON-02) (AMAZON-02)
12	172.217.13.130 172.217.13.130	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:402... 2607:f8b0:4020:807::2006	15169 (GOOGLE) (GOOGLE)
2 2	35.211.233.246 35.211.233.246	19527 (GOOGLE-2) (GOOGLE-2)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	173.223.57.84 173.223.57.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
2 2	68.67.181.211 68.67.181.211	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	199.127.204.171 199.127.204.171	26120 (RHYTHMONE) (RHYTHMONE)
1 1	34.102.163.6 34.102.163.6	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	172.105.199.172 172.105.199.172	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	20.85.134.6 20.85.134.6	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.88.86.2 23.88.86.2	24940 (HETZNER-AS) (HETZNER-AS)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
2 2	23.217.250.62 23.217.250.62	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	44.206.150.230 44.206.150.230	14618 (AMAZON-AES) (AMAZON-AES)
1	35.153.221.178 35.153.221.178	14618 (AMAZON-AES) (AMAZON-AES)
1	99.81.147.155 99.81.147.155	16509 (AMAZON-02) (AMAZON-02)
1 1	34.102.253.54 34.102.253.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
422	86

4 35.75.154.223 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-154-223.ap-northeast-1.compute.amazonaws.com

crescent-star.jugem.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:254a:1000:13:9454:1700:93a1 (United States)

ASN16509 (AMAZON-02, US)

imaging.jugem.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.181.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-181-58.msp50.r.cloudfront.net

flux-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 157.7.107.75 (Naritahigashi, Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: 157-7-107-75.virt.lolipop.jp

sleepingawake.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 133.237.60.111 (Japan)

ASN23820 (RAKUTEN Rakuten Group, Inc., JP)
PTR: corp.rakuten.co.jp

corp.rakuten.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:2800:220:131d:1d30:1f1d:238b:1e56 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:254a:1a00:1d:8805:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

img-cdn.jg.jugem.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:1be (United States)

ASN13335 (CLOUDFLARENET, US)

i.loli.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:254a:400:13:9454:1700:93a1 (United States)

ASN16509 (AMAZON-02, US)

imaging.jugem.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.230.202.56 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: server-54-230-202-56.msp50.r.cloudfront.net

widget.booklog.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.197.128.148 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-128-148.ap-northeast-1.compute.amazonaws.com

api.booklog.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21fa:8a00:18:99a3:d800:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

www.ntv.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21fa:2200:18:99a3:d800:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

www.ntv.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.160.92.44 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-160-92-44.msp50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:805::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.160.89.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.89.160.34.bc.googleusercontent.com

a.flux.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.97.132 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-97-132.msp50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.113.171.214 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-171-214.ap-northeast-1.compute.amazonaws.com

pb.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.213.115.3 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 3.115.213.35.bc.googleusercontent.com

rtb-jp.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.160.96.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-96-104.msp50.r.cloudfront.net

ad.as.amanad.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2602:803:c002:200::43 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 35.213.109.249 (Tokyo, Japan) 8 redirects

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com

y.one.impact-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.41.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-41-163.compute-1.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 202.241.208.100 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)

d.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 68.67.179.113 (North Bergen, United States) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a04:4e42:600::272 (United States)

ASN54113 (FASTLY, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.197.184.187 (Eden Prairie, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-184-187.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21fa:5a00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.202.112.191 (Chicago, United States) 4 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 192.40.39.223 (Canada) 7 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.98.64.218 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.159 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ssbsync-us.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.102.111.7 (Billerica, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-111-7.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.28.7.81 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.33.220.150 (Seattle, United States) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 142.250.64.66 (Staten Island, United States) 30 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.211.178.172 (North Charleston, United States) 7 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.118.13 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 13.118.211.35.bc.googleusercontent.com

r.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.111.113.62 (Kansas City, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.197.223.55 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-223-55.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:4e9:5a02:71d0:2e3a:4d87:7371 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.232.39.3 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-39-3.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 69.173.151.100 (United States) 7 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.145.44.246 (Ashburn, United States) 8 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-44-246.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:c020:400d:3000:f50:982a:7877:65bd (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.173 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.249 (Frederick, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 162.248.18.37 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:a021:b886:81cc:55cf (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.251.229.176 (United States) 3 redirects

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.230.250.86 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-250-86.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.56.4 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-56-4.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:18ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.78 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com

u.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.71.139.29 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.196.240.12 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-240-12.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.150.170.96 (Washington, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:112:f002:bbbb::21 (United States) 2 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.65.202 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:21::410 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.214.222.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-222-87.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.194.129 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-194-129.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:832 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.161.213.5 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-213-5.us-west-2.compute.amazonaws.com

a.usbrowserspeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.88 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.37 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.239.33.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.104.111.6 (Billerica, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-104-111-6.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4020:804::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.52.160.7 (New York, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-160-7.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.142 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-west.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:d::1721:eea3 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

sync6.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.248.96 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.248.178.107.bc.googleusercontent.com

penta.a.one.impact-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.197.184.175 (Eden Prairie, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-184-175.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.160.96.112 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-160-96-112.msp50.r.cloudfront.net

cr-p31.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.13.130 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4020:807::2006 (Montreal, Canada)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.233.246 (North Charleston, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 246.233.211.35.bc.googleusercontent.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.223.57.84 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-57-84.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.181.211 (North Bergen, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.127.204.171 (United States) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.163.6 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com

ad.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.199.172 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1853-172.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.85.134.6 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.217.250.62 (Paris, France) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-217-250-62.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.206.150.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-150-230.compute-1.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.153.221.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-221-178.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.147.155 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-147-155.eu-west-1.compute.amazonaws.com

synchroscript.deliveryengine.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
93	googlesyndication.com 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	560 KB
70	doubleclick.net 30 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 346	399 KB
37	pubmatic.com 2 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 575 ads.pubmatic.com — Cisco Umbrella Rank: 553 image6.pubmatic.com — Cisco Umbrella Rank: 812 image2.pubmatic.com — Cisco Umbrella Rank: 1036 simage2.pubmatic.com — Cisco Umbrella Rank: 797 image4.pubmatic.com — Cisco Umbrella Rank: 1305 simage4.pubmatic.com — Cisco Umbrella Rank: 1338	43 KB
32	casalemedia.com 7 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 642 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 485 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635 dsum.casalemedia.com — Cisco Umbrella Rank: 1666	23 KB
30	twitter.com platform.twitter.com — Cisco Umbrella Rank: 978 syndication.twitter.com — Cisco Umbrella Rank: 1152	417 KB
24	rubiconproject.com 9 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 552 eus.rubiconproject.com — Cisco Umbrella Rank: 616 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1199 pixel.rubiconproject.com — Cisco Umbrella Rank: 374 token.rubiconproject.com — Cisco Umbrella Rank: 652 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1160 pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 5906	47 KB
19	amazon-adsystem.com 3 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 353 aax.amazon-adsystem.com — Cisco Umbrella Rank: 438 s.amazon-adsystem.com — Cisco Umbrella Rank: 333 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1025	70 KB
18	adnxs.com 10 redirects ib.adnxs.com — Cisco Umbrella Rank: 257 acdn.adnxs.com — Cisco Umbrella Rank: 587 secure.adnxs.com — Cisco Umbrella Rank: 469	34 KB
15	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 448	38 KB
15	impact-ad.jp 8 redirects y.one.impact-ad.jp — Cisco Umbrella Rank: 4785 penta.a.one.impact-ad.jp — Cisco Umbrella Rank: 89104	13 KB
14	booklog.jp 7 redirects widget.booklog.jp api.booklog.jp	14 KB
13	3lift.com 3 redirects tlx.3lift.com — Cisco Umbrella Rank: 646 eb2.3lift.com — Cisco Umbrella Rank: 422	6 KB
10	adsrvr.org 10 redirects match.adsrvr.org — Cisco Umbrella Rank: 383	6 KB
9	openx.net 3 redirects u.openx.net — Cisco Umbrella Rank: 769 us-u.openx.net — Cisco Umbrella Rank: 496	2 KB
9	jugem.jp 1 redirects crescent-star.jugem.jp imaging.jugem.jp img-cdn.jg.jugem.jp	96 KB
8	bidr.io 8 redirects match.prod.bidr.io — Cisco Umbrella Rank: 610	4 KB
8	bidswitch.net 8 redirects x.bidswitch.net — Cisco Umbrella Rank: 359 r.bidswitch.net — Cisco Umbrella Rank: 8555	4 KB
8	ladsp.com 1 redirects pb.ladsp.com — Cisco Umbrella Rank: 66768 cr-p31.ladsp.com — Cisco Umbrella Rank: 11439	4 KB
7	yahoo.com 4 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481 ups.analytics.yahoo.com — Cisco Umbrella Rank: 338	4 KB
7	4dex.io script.4dex.io — Cisco Umbrella Rank: 1574 mp.4dex.io — Cisco Umbrella Rank: 2835 u.4dex.io — Cisco Umbrella Rank: 4330	27 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 325	461 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	336 KB
6	socdm.com d.socdm.com — Cisco Umbrella Rank: 52313	13 KB
6	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 719 dis.criteo.com — Cisco Umbrella Rank: 608 gum.criteo.com — Cisco Umbrella Rank: 405 mug.criteo.com — Cisco Umbrella Rank: 2102	2 KB
6	adtdp.com ad.as.amanad.adtdp.com — Cisco Umbrella Rank: 5965	4 KB
6	ntv.co.jp 4 redirects www.ntv.co.jp — Cisco Umbrella Rank: 777538	1 KB
5	tapad.com 4 redirects pixel.tapad.com — Cisco Umbrella Rank: 524	1 KB
5	sleepingawake.org sleepingawake.org img.missvonsmith.sleepingawake.org Failed	441 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1425	1 KB
4	zemanta.com 4 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 573	2 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 613	2 KB
3	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 893 s.tribalfusion.com — Cisco Umbrella Rank: 1946	1 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 1044	2 KB
3	adgrx.com 3 redirects cm.adgrx.com — Cisco Umbrella Rank: 1657	2 KB
3	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 796	728 B
3	cognitivlabs.com 2 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1667	1 KB
3	flux.jp a.flux.jp — Cisco Umbrella Rank: 79852	1 KB
2	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 1921	1 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2972	969 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 689 cdn.indexww.com — Cisco Umbrella Rank: 1684	2 KB
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 423	2 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 568	58 KB
2	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 414	878 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 633	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 756	938 B
2	usbrowserspeed.com 2 redirects a.usbrowserspeed.com — Cisco Umbrella Rank: 7571	526 B
2	clickcertain.com 2 redirects a.clickcertain.com — Cisco Umbrella Rank: 7712	1 KB
2	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1366	69 B
2	dotomi.com 2 redirects pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4489	743 B
2	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 1067	952 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 981	1 KB
2	thrtle.com 1 redirects thrtle.com — Cisco Umbrella Rank: 1499	683 B
2	eqads.com 1 redirects um2.eqads.com — Cisco Umbrella Rank: 4101	564 B
2	smartadserver.com 2 redirects ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 8420 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 623	812 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	88 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
1	playground.xyz 1 redirects ads.playground.xyz — Cisco Umbrella Rank: 4898	467 B
1	adswizz.com synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 3037	397 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1596	425 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 1783	504 B
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 7105	277 B
1	truffle.bid matching.truffle.bid — Cisco Umbrella Rank: 8281
1	inmobi.com 1 redirects mweb.ck.inmobi.com — Cisco Umbrella Rank: 4755	348 B
1	appier.net 1 redirects gocm.c.appier.net — Cisco Umbrella Rank: 2649	436 B
1	ctnsnet.com ipac.ctnsnet.com — Cisco Umbrella Rank: 6589	369 B
1	mrtnsvr.com 1 redirects ad.mrtnsvr.com — Cisco Umbrella Rank: 3199	308 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1372	650 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1098	408 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 597	751 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 258	669 B
1	im-apps.net sync6.im-apps.net — Cisco Umbrella Rank: 63766	340 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 1072	554 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1453	674 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 813	940 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 862	592 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1137	222 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 577	739 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 651	961 B
1	technoratimedia.com 1 redirects sync.technoratimedia.com — Cisco Umbrella Rank: 1634	3 KB
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 977	795 B
1	google.com adservice.google.com — Cisco Umbrella Rank: 113	456 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 822	532 B
1	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 18260	184 B
1	mediago.io rtb-jp.mediago.io — Cisco Umbrella Rank: 140472	429 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	1 KB
1	loli.net i.loli.net — Cisco Umbrella Rank: 253756	14 KB
1	rakuten.co.jp corp.rakuten.co.jp	1 KB
1	flux-cdn.com flux-cdn.com — Cisco Umbrella Rank: 85043	138 KB
0	facebook.com Failed www.facebook.com Failed
0	mxptint.net Failed pmp.mxptint.net Failed
0	loopme.me Failed csync.loopme.me Failed
422	91

	Domain	Requested by
62	pagead2.googlesyndication.com	2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com crescent-star.jugem.jp
42	cm.g.doubleclick.net	30 redirects u.openx.net eus.rubiconproject.com googleads.g.doubleclick.net eb2.3lift.com
24	tpc.googlesyndication.com	2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
23	dsum-sec.casalemedia.com	5 redirects ssum-sec.casalemedia.com um2.eqads.com googleads.g.doubleclick.net
23	platform.twitter.com	crescent-star.jugem.jp platform.twitter.com
18	simage2.pubmatic.com	1 redirects ads.pubmatic.com
15	m.media-amazon.com	crescent-star.jugem.jp
15	ib.adnxs.com	8 redirects flux-cdn.com googleads.g.doubleclick.net acdn.adnxs.com
14	s.amazon-adsystem.com	2 redirects c.amazon-adsystem.com s.amazon-adsystem.com ssum-sec.casalemedia.com u.openx.net eus.rubiconproject.com ads.pubmatic.com
14	y.one.impact-ad.jp	8 redirects crescent-star.jugem.jp
12	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
12	googleads.g.doubleclick.net	2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com pagead2.googlesyndication.com
12	eb2.3lift.com	3 redirects ads.pubmatic.com flux-cdn.com eb2.3lift.com
12	widget.booklog.jp	6 redirects crescent-star.jugem.jp
10	match.adsrvr.org	10 redirects
9	image2.pubmatic.com	ads.pubmatic.com
8	match.prod.bidr.io	8 redirects
7	us-u.openx.net	2 redirects u.openx.net googleads.g.doubleclick.net ads.pubmatic.com
7	x.bidswitch.net	7 redirects
7	2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	syndication.twitter.com	platform.twitter.com crescent-star.jugem.jp
6	s0.2mdn.net	2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	www.googletagservices.com	2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
6	eus.rubiconproject.com	s.amazon-adsystem.com eus.rubiconproject.com crescent-star.jugem.jp flux-cdn.com
6	d.socdm.com	flux-cdn.com
6	fastlane.rubiconproject.com	flux-cdn.com
6	ad.as.amanad.adtdp.com	flux-cdn.com
6	pb.ladsp.com	flux-cdn.com
6	www.ntv.co.jp	4 redirects crescent-star.jugem.jp
5	pixel.rubiconproject.com	2 redirects eus.rubiconproject.com
5	pr-bh.ybp.yahoo.com	2 redirects u.openx.net ads.pubmatic.com ssum-sec.casalemedia.com
5	pixel.tapad.com	4 redirects ads.pubmatic.com
5	ssum-sec.casalemedia.com	2 redirects s.amazon-adsystem.com ssum-sec.casalemedia.com js-sec.indexww.com
5	sleepingawake.org	crescent-star.jugem.jp
4	sync.teads.tv	2 redirects googleads.g.doubleclick.net
4	token.rubiconproject.com	4 redirects
4	u.4dex.io	ads.pubmatic.com crescent-star.jugem.jp eus.rubiconproject.com
4	b1sync.zemanta.com	4 redirects
4	imaging.jugem.jp	crescent-star.jugem.jp
4	crescent-star.jugem.jp	1 redirects crescent-star.jugem.jp
3	sync.1rx.io	3 redirects
3	pm.w55c.net	3 redirects
3	cm.adgrx.com	3 redirects
3	sync-tm.everesttech.net	2 redirects ads.pubmatic.com
3	beacon.lynx.cognitivlabs.com	2 redirects ads.pubmatic.com
3	image6.pubmatic.com	1 redirects ads.pubmatic.com
3	ads.pubmatic.com	crescent-star.jugem.jp ads.pubmatic.com flux-cdn.com
3	a.flux.jp	flux-cdn.com
3	c.amazon-adsystem.com	1 redirects crescent-star.jugem.jp c.amazon-adsystem.com
3	securepubads.g.doubleclick.net	crescent-star.jugem.jp securepubads.g.doubleclick.net
2	px.owneriq.net	2 redirects
2	secure.adnxs.com	2 redirects
2	a.sportradarserving.com	2 redirects
2	cr-p31.ladsp.com	1 redirects crescent-star.jugem.jp
2	id5-sync.com	flux-cdn.com
2	mug.criteo.com	crescent-star.jugem.jp
2	gum.criteo.com	1 redirects
2	simage4.pubmatic.com	ads.pubmatic.com
2	static.criteo.net	flux-cdn.com static.criteo.net
2	px.ads.linkedin.com	eus.rubiconproject.com eb2.3lift.com
2	c1.adform.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	a.usbrowserspeed.com	2 redirects
2	a.clickcertain.com	2 redirects
2	rtb.adentifi.com	ads.pubmatic.com ssum-sec.casalemedia.com
2	pubmatic-match.dotomi.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ad.turn.com	2 redirects
2	um.simpli.fi	2 redirects
2	thrtle.com	1 redirects ads.pubmatic.com
2	a.tribalfusion.com	2 redirects
2	um2.eqads.com	1 redirects ssum-sec.casalemedia.com
2	dsum.casalemedia.com	ssum-sec.casalemedia.com
2	u.openx.net	1 redirects s.amazon-adsystem.com
2	htlb.casalemedia.com	flux-cdn.com
2	script.4dex.io	flux-cdn.com script.4dex.io
2	connect.facebook.net	crescent-star.jugem.jp connect.facebook.net
2	www.google-analytics.com	crescent-star.jugem.jp www.google-analytics.com
2	api.booklog.jp	1 redirects crescent-star.jugem.jp
1	ads.playground.xyz	1 redirects
1	synchroscript.deliveryengine.adswizz.com	ads.pubmatic.com
1	sync.bfmio.com	ads.pubmatic.com
1	crb.kargo.com	ads.pubmatic.com
1	core.iprom.net	ads.pubmatic.com
1	matching.truffle.bid	ads.pubmatic.com
1	mweb.ck.inmobi.com	1 redirects
1	gocm.c.appier.net	1 redirects
1	ipac.ctnsnet.com	ads.pubmatic.com
1	ad.mrtnsvr.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	lb.eu-1-id5-sync.com	flux-cdn.com
1	stags.bluekai.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	acdn.adnxs.com	flux-cdn.com
1	js-sec.indexww.com	flux-cdn.com
1	penta.a.one.impact-ad.jp	flux-cdn.com
1	sync6.im-apps.net	flux-cdn.com
1	pixel-us-west.rubiconproject.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	aax-eu.amazon-adsystem.com	eus.rubiconproject.com
1	sync.ipredictive.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	ums.acuityplatform.com	1 redirects
1	s.tribalfusion.com	ads.pubmatic.com
1	sync.srv.stackadapt.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	cms.quantserve.com	1 redirects
1	match.deepintent.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	bh.contextweb.com	1 redirects
1	sync.technoratimedia.com	1 redirects
1	p.rfihub.com	1 redirects
1	pixel-us-east.rubiconproject.com	1 redirects
1	r.bidswitch.net	1 redirects
1	adservice.google.com	securepubads.g.doubleclick.net
1	ssbsync-us.smartadserver.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	prebid-asia.creativecdn.com	flux-cdn.com
1	tlx.3lift.com	flux-cdn.com
1	bidder.criteo.com	flux-cdn.com
1	mp.4dex.io	flux-cdn.com
1	hbopenbid.pubmatic.com	flux-cdn.com
1	rtb-jp.mediago.io	flux-cdn.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	cdn.jsdelivr.net	flux-cdn.com
1	i.loli.net	crescent-star.jugem.jp
1	img-cdn.jg.jugem.jp	crescent-star.jugem.jp
1	corp.rakuten.co.jp	crescent-star.jugem.jp
1	flux-cdn.com	crescent-star.jugem.jp
0	www.facebook.com Failed	connect.facebook.net
0	pmp.mxptint.net Failed	ads.pubmatic.com
0	csync.loopme.me Failed	ads.pubmatic.com
0	img.missvonsmith.sleepingawake.org Failed	crescent-star.jugem.jp
422	136

This site contains links to these domains. Also see Links.

Domain
rakvten-card.co.ip.pjhhxhpi.ml
jreasctjapjeap.com
160.251.1.106
www.amazon-co-jp-check-erfo.top
174.139.46.83
194.124.216.193
jugem.jp
yaplog.jp
morimix.blog85.fc2.com
www18.ocn.ne.jp
ikemika.blog14.fc2.com
blog.goo.ne.jp
booklog.jp
missvonsmith.sleepingawake.org

Subject Issuer	Validity	Valid
flux-cdn.com Amazon RSA 2048 M02	`2023-02-24` - `2023-12-17`	10 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.rakuten.co.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-10-19` - `2023-11-19`	a year	crt.sh
loli.net Cloudflare Inc ECC CA-3	`2023-04-05` - `2024-04-04`	a year	crt.sh
imaging.jugem.jp Amazon RSA 2048 M02	`2023-02-22` - `2024-01-22`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
a.flux.jp GTS CA 1D4	`2023-06-11` - `2023-09-09`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.ladsp.com GlobalSign RSA OV SSL CA 2018	`2023-05-16` - `2024-06-16`	a year	crt.sh
*.mediago.io GlobalSign GCC R3 DV TLS CA 2020	`2023-01-13` - `2024-02-11`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.as.amanad.adtdp.com Amazon RSA 2048 M02	`2023-02-05` - `2024-03-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-31` - `2023-08-31`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.socdm.com GlobalSign RSA OV SSL CA 2018	`2023-05-31` - `2024-06-30`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-08` - `2023-07-07`	3 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2022-10-19` - `2023-10-18`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-31` - `2024-01-30`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
um3.eqads.com Amazon RSA 2048 M01	`2023-05-26` - `2024-06-23`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-07` - `2023-12-09`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-11-30` - `2024-01-01`	a year	crt.sh
beacon.lynx.cognitivlabs.com Amazon RSA 2048 M02	`2023-03-31` - `2024-04-28`	a year	crt.sh
u.4dex.io GTS CA 1D4	`2023-06-29` - `2023-09-27`	3 months	crt.sh
adentifi.com Amazon RSA 2048 M02	`2023-02-22` - `2023-09-03`	6 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
a.one.impact-ad.jp SECOM Passport for Web SR 3.0 CA	`2023-03-27` - `2024-03-31`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-06-02` - `2023-12-02`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.ctnsnet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-04` - `2023-11-06`	10 months	crt.sh
truffle.bid R3	`2023-05-24` - `2023-08-22`	3 months	crt.sh
*.iprom.net R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
*.app.kargo.com Amazon RSA 2048 M02	`2023-02-21` - `2024-01-18`	a year	crt.sh
*.bfmio.com Amazon RSA 2048 M02	`2023-03-17` - `2024-04-14`	a year	crt.sh
*.deliveryengine.adswizz.com Amazon RSA 2048 M02	`2023-02-09` - `2024-02-13`	a year	crt.sh

This page contains 90 frames:

Primary Page: http://crescent-star.jugem.jp/
Frame ID: 505FED02A47AD4CD7D30F4F125386711
Requests: 117 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fcrescent-star.jugem.jp
Frame ID: 12B54063401175FD2719546094C0F8C7
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_rbd_ox-db5_smrt_n-Outbrain&dcc=t
Frame ID: 9877ADDFBAF6C56FBD5BFF2AA06A3AD9
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_ox-db5_smrt_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 3DA4151DBC820D1154C4C49A36C15E17
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 6C479FE2D15C12942490BD057740FA83
Requests: 21 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: BADF33FF5E097C8187B941C8E2D4FAE6
Requests: 9 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: CDBF1E435BFCC397257EC7C7E14B7923
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1448414310149459964&gdpr=0&gdpr_consent=
Frame ID: FCF4B7A4B89801D64430BEFB9B3EC4B5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 042824F0D3D6C9C2CCA1297E80591FBB
Requests: 11 HTTP requests in this frame

Frame: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9405CA80AFCC5BA976A50E3264DF8AAD
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: C44E0F798E86E10A08E2374B6CB3A992
Requests: 2 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 73591273220BA9B2DE02930A239C9673
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1783777322866507464
Frame ID: FA88AC53550B60107BA746CC42CA35EA
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&redir=true&gdpr=0&gdpr_consent=
Frame ID: 490A5A46F8F4049A0520D9DFC6E8E68E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB0x07JPeIAACR4l1I58A&gdpr=0&gdpr_consent=
Frame ID: B56DBFEC94A3C62174835C2A99CE884E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6bb0649e-f0c0-4d00-bb72-31bc0765c9c4&gdpr=0&gdpr_consent=
Frame ID: 9185CCAD1356C0C97B0B13502CA25DD3
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 69433271A189D5A9BFCFFE351C2A24B8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8780596409763565358&gdpr=0&gdpr_consent=
Frame ID: 0E76C2260FC7FE5F0392E782E6AE690B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TbjUah28jj9Wv9Q3Ge3Abk20j21Wu9Q-H-rVkaGl
Frame ID: 03CBEDF688948BBD846E5719C548C09D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=76962ef6-1758-11ee-af13-5f9bbfc5070b
Frame ID: 5AA984B14C58E95DAABBA5938F0F64C2
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: EEC49F4E43EB33E6C6898D3C9FEEC813
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:I321QrfV1QffMY5&gdpr=0&gdpr_consent=
Frame ID: C0695C535C3F937BF6C5644707E4143F
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2
Frame ID: 59D717E3DF9389BC00086A8CCE55555D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&gdpr=0&gdpr_consent=
Frame ID: BEA22E9BAD4165E50BC046AB9C5370EB
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 1030060B057431D40E44209328B309AB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=795479323761
Frame ID: C981F03A28107E01A4EF308ED85C1AE4
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 8A82BDD08AC08559D33E354F06482F54
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C3A7FB0F-E114-40C9-87C8-FA6B843976E2
Frame ID: F7FA47566DE4472F0963129504E1CDC4
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: BC9E53B87E2B986667CF61CB8B292E6B
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: AFE3285C43C82A22CC32D3054193AA62
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 58AAEA6E32FECFDB7519BAA0313084D4
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: E6AA332AB7C485143F023E4416080739
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 4A97B4791EBAD735A6B78C209D901096
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: 5023E42A37754C5D4FA396DC9CF1D78A
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 49BAEF327CEACE776CCFAC17DBF4B3FB
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: 857F3E264686ABA4497E9853D64BC4D3
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 4916B67C705089189CF316F91FCD20B8
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: 7349A875DBC0A2C4B26D6E3822F0953E
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 0D02BC6F0200557833637080379920B4
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: D3673B82D7308E560DD9387AC59FC44F
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 65EF0A8E2FCEC9CBC804944FA33BF32B
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: AEA52BE5BF4F942CBDA8AD7D2DEB3103
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 430A17CADD2164E59D50E0629D90785E
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: 653171A7B49D1562DF86902FA63DC384
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: 55DAB2F423CABC75A9155A0C2A4BD8DE
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: BE6695A9F7522E525C6734D03E6270F4
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Frame ID: B9218E03FAF6A509B6BB73EB43919C22
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: 17CAC8293CC20AFD7060796B943482EB
Requests: 2 HTTP requests in this frame

Frame: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5502DEC6BB561D9C8CE1FFB0C58C37B0
Requests: 18 HTTP requests in this frame

Frame: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5BBC5EE7FC429EAB25D1484020A7488C
Requests: 18 HTTP requests in this frame

Frame: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FFE258E563CA92E6C7318B3AA353DCCA
Requests: 19 HTTP requests in this frame

Frame: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3AE3828AD14129671A384F0FCF60F557
Requests: 19 HTTP requests in this frame

Frame: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F099BBC0D4DA9BF6B50667C835F632B8
Requests: 18 HTTP requests in this frame

Frame: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E00BB45D9B269ABC7FCAC2453C59AA52
Requests: 18 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Frame ID: C89C9A545B1217182DC50E5F360025B2
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNU4tbVpENdZbRibks-Wy8fbgzsZgwR-mE2EAvS56DAacJgxmEZTGh7eeD1xFmX2jCVsANf5LpYsXRQLkW85x3zudjhFqw
Frame ID: BCEC5AB867D8EC884633D28C700F6301
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNV_4ktpaRhdRcnYzb-WLs2vQm2Wf6Fg4OLn4AaBxY38i5i5Kr3Nu599TjyAawDpv8w-Ahf4HXFqo4yWCehIBR7O0Q49bg
Frame ID: 599E6F8850D7D7836809E7D791BF083F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNXXDHvDPupj104kgRCOvehwxUfs_h1VqGBznGZka33ACWInzZwEjYLTlGMMdmJKXJ9XxelrtSZzslALSWZYNl3QfSmNGg
Frame ID: CD77A34602239A610636B0AF52BDA774
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNUOqECeibP0v9pOi-PNBTU4CnkpG1iYAfpXAIxUdgOJ3W3gyYvkSMtfXEFB4Z5612d9UFoNF8EfQ6j06I5r-UGJLXcW9w
Frame ID: A6A610326C913F4D5022B1B2D8BB8EDF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNXyuufD4UhjcZuHxxGNjSXHChomLmPexh5gxs5s5gMroF4ECEUWCSrCWhKGF26x_D5wU-DMcrwJSpHfLiSvd4SUPiTFWw
Frame ID: 76FDE678DB095AEC8BE8448831302F58
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNVFrRipAFQJRrrA_ipDiJePePg0ed8rvI-JXXUiLN4wAYjMdE9HIx-fpsiuPvNC74K1-7PV_PDmdO54jGdWKHG4sR-9ew
Frame ID: 779D2A4FC24D3CCD4EEFB14904FEC19E
Requests: 5 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: FB5A3676D640174B194F6A9695604BF1
Requests: 11 HTTP requests in this frame

Frame: https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Frame ID: 0B9A56FB55E17C7BB338D52DA16DE69E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Frame ID: C7AF1335140BFCF6B408BACDB7F3228C
Requests: 8 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9E0902A860B4A62B72C3AD8ADFDE0ADD
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CF64967309B69CA0FFAB4DB1BC2715CC
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5E263EF353F8140F9D9FF0544623DCB3
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fcrescent-star.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 17D2A2FBF25193C961745A54A6C9E3E3
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D3E8C06524FB736E6F232661B9E88441
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b6f24ba6-27de-43b3-9293-bb8625f3db48-005
Frame ID: F10534ED143F64EAE80CB59E6CA5D443
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&gdpr=0&gdpr_consent=
Frame ID: 3A028C9DFF337F5F2CCB44C0A188573E
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 5AF6D7F1298A7070A32963D0221BEE6B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=lAEJRVoTA4yK6bW9xPCeZA
Frame ID: 570A4A2B2CB8BF14DD634996A399268E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=d2cc978e-e4b4-4edd-80d9-ad2c4a908504
Frame ID: BB65A102587B420402C355182FA9A155
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: BE6CB65435C4E366E5E43C057BC1B5B9
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 736F70C035392F920B682B844E991687
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7414243241464908987
Frame ID: 3EA23C53697FD442FA56FA9B22A1E309
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AD8E4C81138A47AD9B352AC9EEBA7388&gdpr=0&gdpr_consent=
Frame ID: 81514A2869F8D5F3C462D45EDB330F6B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 87F9C6F0F289B9E75F0554EAB582995D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 39CDB0181AC400064D493BCE311ED366
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 37837B1EEDF6C8CFF13D10DC216C3482
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4AA2EA1D90B98E0230B490E1EC708DAE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FC816EA8269A1687FE9AAD7CBF48318E
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3da41d22e2d094%26domain%3Dcrescent-star.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcrescent-star.jugem.jp%252Ff771a11b6c5394%26relation%3Dparent.parent&container_width=390&href=http%3A%2F%2Fcrescent-star.jugem.jp%2F%3Feid%3D940&layout=button_count&locale=ja_JP&sdk=joey&width=110
Frame ID: CDA2885D4A2833C09A0CA8F574B890F8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df162887a601b22%26domain%3Dcrescent-star.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcrescent-star.jugem.jp%252Ff771a11b6c5394%26relation%3Dparent.parent&container_width=450&href=http%3A%2F%2Fcrescent-star.jugem.jp%2F%3Feid%3D940&layout=button_count&locale=ja_JP&sdk=joey&width=110
Frame ID: 3D016133417D201246E728174E7DB538
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df85db4c386a90c%26domain%3Dcrescent-star.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcrescent-star.jugem.jp%252Ff771a11b6c5394%26relation%3Dparent.parent&container_width=390&href=http%3A%2F%2Fcrescent-star.jugem.jp%2F%3Feid%3D939&layout=button_count&locale=ja_JP&sdk=joey&width=110
Frame ID: B6CCA8299B6F8B9296C607F088277417
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ad9e948359758%26domain%3Dcrescent-star.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcrescent-star.jugem.jp%252Ff771a11b6c5394%26relation%3Dparent.parent&container_width=450&href=http%3A%2F%2Fcrescent-star.jugem.jp%2F%3Feid%3D939&layout=button_count&locale=ja_JP&sdk=joey&width=110
Frame ID: EA69983756073E6B4ED2DE3B44F5D267
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a2dc2f8f83924%26domain%3Dcrescent-star.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcrescent-star.jugem.jp%252Ff771a11b6c5394%26relation%3Dparent.parent&container_width=390&href=http%3A%2F%2Fcrescent-star.jugem.jp%2F%3Feid%3D938&layout=button_count&locale=ja_JP&sdk=joey&width=110
Frame ID: 13E107C4FB3A320F7A83CCC5E832B0DA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df207fcc17f24044%26domain%3Dcrescent-star.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcrescent-star.jugem.jp%252Ff771a11b6c5394%26relation%3Dparent.parent&container_width=450&href=http%3A%2F%2Fcrescent-star.jugem.jp%2F%3Feid%3D938&layout=button_count&locale=ja_JP&sdk=joey&width=110
Frame ID: A28B61AC2B46DA2953CC297943BE08ED
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3510437dfe3904%26domain%3Dcrescent-star.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcrescent-star.jugem.jp%252Ff771a11b6c5394%26relation%3Dparent.parent&container_width=390&href=http%3A%2F%2Fcrescent-star.jugem.jp%2F%3Feid%3D937&layout=button_count&locale=ja_JP&sdk=joey&width=110
Frame ID: 2C537BF443FAF1FA27E68085A783E657
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

★blue crescent*star★second

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

422
Requests

72 %
HTTPS

28 %
IPv6

91
Domains

136
Subdomains

86
IPs

10
Countries

3350 kB
Transfer

7727 kB
Size

166
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: http://rakvten-card.co.ip.pjhhxhpi.ml/
Title: 楽天ログイン

Search URL Search Domain Scan URL

URL: http://jreasctjapjeap.com/

Search URL Search Domain Scan URL

URL: http://160.251.1.106/ap/signin?openid.pape.max_auth_age=0&openid.return_to=https%3a%2f%2fwww.amazon.co.jp%2f%3fref_%3dnav_em_hd_re_signin&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&&ref_=nav_em_hd_clc_signin

Search URL Search Domain Scan URL

URL: https://www.amazon-co-jp-check-erfo.top/
Title: アカウント所有権の証明

Search URL Search Domain Scan URL

URL: http://174.139.46.83/ap/signin?openid.pape.max_auth_age=0&openid.return_to=https%3a%2f%2fwww.amazon.co.jp%2f%3fref_%3dnav_em_hd_re_signin&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&&ref_=nav_em_hd_clc_signin
Title: お客様のAmazonプライム会員登録はキャンセルされました。

Search URL Search Domain Scan URL

URL: http://194.124.216.193/ap/signin?openid.pape.max_auth_age=0&openid.return_to=https%3a%2f%2fwww.amazon.co.jp%2f%3fref_%3dnav_em_hd_re_signin&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&&ref_=nav_em_hd_clc_signin
Title: お客様のAmazonプライム会員登録はキャンセルされました。

Search URL Search Domain Scan URL

URL: https://jugem.jp/

Search URL Search Domain Scan URL

URL: http://yaplog.jp/meg888/
Title: MARIN*aicha ←過去のblogはこちら

Search URL Search Domain Scan URL

URL: http://morimix.blog85.fc2.com/
Title: somewherer over the rainbow

Search URL Search Domain Scan URL

URL: http://www18.ocn.ne.jp/~cs-yoyo/
Title: ｃｏｔｔｏｎｓｅｅｄ

Search URL Search Domain Scan URL

URL: http://ikemika.blog14.fc2.com/
Title: ⊹⊱❋nonbiri❋⊰⊹

Search URL Search Domain Scan URL

URL: http://blog.goo.ne.jp/cottonseed-y
Title: cottonseed*

Search URL Search Domain Scan URL

URL: https://booklog.jp/users/mingman/archives/1/4344417690

Search URL Search Domain Scan URL

URL: https://booklog.jp/users/mingman/archives/1/476151308X

Search URL Search Domain Scan URL

URL: https://booklog.jp/users/mingman/archives/1/4864101760

Search URL Search Domain Scan URL

URL: https://booklog.jp/users/mingman/archives/1/4083211067

Search URL Search Domain Scan URL

URL: https://booklog.jp/users/mingman/archives/1/4652007604

Search URL Search Domain Scan URL

URL: https://booklog.jp/users/mingman/archives/1/4652007434

Search URL Search Domain Scan URL

URL: https://booklog.jp/users/mingman/archives/1/4872904958

Search URL Search Domain Scan URL

URL: https://booklog.jp/users/mingman/archives/1/4789722848

Search URL Search Domain Scan URL

URL: https://booklog.jp/users/mingman/archives/1/4892190950

Search URL Search Domain Scan URL

URL: https://booklog.jp/users/mingman/archives/1/4591126463

Search URL Search Domain Scan URL

URL: https://booklog.jp/users/mingman/archives/1/4041002869

Search URL Search Domain Scan URL

URL: https://booklog.jp/users/mingman/archives/1/4097260847

Search URL Search Domain Scan URL

URL: https://booklog.jp/users/mingman/archives/1/4591103366

Search URL Search Domain Scan URL

URL: https://booklog.jp/users/mingman/archives/1/4072779601

Search URL Search Domain Scan URL

URL: https://booklog.jp/users/mingman/archives/1/4083150211

Search URL Search Domain Scan URL

URL: http://booklog.jp/users/mingman

Search URL Search Domain Scan URL

URL: http://booklog.jp/

Search URL Search Domain Scan URL

URL: http://jugem.jp/
Title: Jugem

Search URL Search Domain Scan URL

URL: http://missvonsmith.sleepingawake.org/
Title: Miss von Smith

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://crescent-star.jugem.jp/template/js/cookie.js HTTP 301
http://imaging.jugem.jp/template/js/cookie.js

Request Chain 11

http://widget.booklog.jp/blogparts/js/booklog_minishelf.js?handwrite HTTP 301
https://widget.booklog.jp/blogparts/js/booklog_minishelf.js?handwrite

Request Chain 12

http://api.booklog.jp/json/mingman?category=0&count=15&callback=booklog_minishelf HTTP 301
http://api.booklog.jp/v2/json/mingman?category=0&count=15&callback=booklog_minishelf

Request Chain 13

http://www.ntv.co.jp/appli/serverdata/cooking/AC_OETags.js HTTP 301
https://www.ntv.co.jp/appli/serverdata/cooking/AC_OETags.js HTTP 301
https://www.ntv.co.jp/mobile/

Request Chain 14

http://www.ntv.co.jp/appli/serverdata/cooking/ntvKewpieCooking.js HTTP 301
https://www.ntv.co.jp/appli/serverdata/cooking/ntvKewpieCooking.js HTTP 301
https://www.ntv.co.jp/mobile/

Request Chain 15

http://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://c.amazon-adsystem.com/aax2/apstag.js

Request Chain 16

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 25

http://connect.facebook.net/ja_JP/sdk.js HTTP 307
https://connect.facebook.net/ja_JP/sdk.js

Request Chain 55

https://y.one.impact-ad.jp/h_bid?v=hb1&p=127832&cb=23839154134&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=5146b64181dd702&tid=f34bb293-085f-458b-9b94-e156dc02d654&uc=div-gpt-ad-1621996524994-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250 HTTP 302
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127832&cb=23839154134&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=5146b64181dd702&tid=f34bb293-085f-458b-9b94-e156dc02d654&uc=div-gpt-ad-1621996524994-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250

Request Chain 56

https://y.one.impact-ad.jp/h_bid?v=hb1&p=127831&cb=93680626240&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=52f234f0a5e1746&tid=2c8d7855-608d-4174-bc0c-218ff962a567&uc=div-gpt-ad-1621996441547-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250 HTTP 302
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127831&cb=93680626240&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=52f234f0a5e1746&tid=2c8d7855-608d-4174-bc0c-218ff962a567&uc=div-gpt-ad-1621996441547-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250

Request Chain 57

https://y.one.impact-ad.jp/h_bid?v=hb1&p=127834&cb=49458094512&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=533bf7211eeb948&tid=205dc95b-6d4a-430c-8941-56ffdd33e9db&uc=div-gpt-ad-1621996650583-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250 HTTP 302
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127834&cb=49458094512&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=533bf7211eeb948&tid=205dc95b-6d4a-430c-8941-56ffdd33e9db&uc=div-gpt-ad-1621996650583-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250

Request Chain 58

https://y.one.impact-ad.jp/h_bid?v=hb1&p=127833&cb=39080845809&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=54ce50f40f2682b&tid=d92c229d-536e-4282-a27d-c7f639e7ddaa&uc=div-gpt-ad-1621996615851-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250 HTTP 302
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127833&cb=39080845809&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=54ce50f40f2682b&tid=d92c229d-536e-4282-a27d-c7f639e7ddaa&uc=div-gpt-ad-1621996615851-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250

Request Chain 59

https://y.one.impact-ad.jp/h_bid?v=hb1&p=127836&cb=91932236485&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=55f25ac60ffad3f&tid=f841e35e-661f-4c18-ab18-d8ebebf54a1d&uc=div-gpt-ad-1621996811310-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250 HTTP 302
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127836&cb=91932236485&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=55f25ac60ffad3f&tid=f841e35e-661f-4c18-ab18-d8ebebf54a1d&uc=div-gpt-ad-1621996811310-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250

Request Chain 60

https://y.one.impact-ad.jp/h_bid?v=hb1&p=127835&cb=68107594598&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=56397bd20ae3fc6&tid=a08b0efc-a329-43c7-a13e-74bf85be66cb&uc=div-gpt-ad-1621996765744-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250 HTTP 302
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127835&cb=68107594598&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=56397bd20ae3fc6&tid=a08b0efc-a329-43c7-a13e-74bf85be66cb&uc=div-gpt-ad-1621996765744-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250

Request Chain 91

http://widget.booklog.jp/blogparts/images/templates/handwrite/home.gif HTTP 301
https://widget.booklog.jp/blogparts/images/templates/handwrite/home.gif

Request Chain 92

http://widget.booklog.jp/blogparts/images/templates/handwrite/logo.gif HTTP 301
https://widget.booklog.jp/blogparts/images/templates/handwrite/logo.gif

Request Chain 94

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_rbd_ox-db5_smrt_n-Outbrain HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_rbd_ox-db5_smrt_n-Outbrain&dcc=t

Request Chain 95

http://widget.booklog.jp/blogparts/images/templates/handwrite/top.gif HTTP 301
https://widget.booklog.jp/blogparts/images/templates/handwrite/top.gif

Request Chain 96

http://widget.booklog.jp/blogparts/images/templates/handwrite/main.gif HTTP 301
https://widget.booklog.jp/blogparts/images/templates/handwrite/main.gif

Request Chain 97

http://widget.booklog.jp/blogparts/images/templates/handwrite/bottom.gif HTTP 301
https://widget.booklog.jp/blogparts/images/templates/handwrite/bottom.gif

Request Chain 101

https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=c3cd0795

Request Chain 102

https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=fLhZKkf-F94P2UhaE5Pr

Request Chain 103

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Request Chain 104

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Request Chain 105

https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1448414310149459964&gdpr=0&gdpr_consent=

Request Chain 114

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://match.adsrvr.org/track/cmb/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6b724462-72fa-46ba-9c10-3c9c030bc1d5&expiration=1690729920&gdpr=0&gdpr_consent=

Request Chain 115

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZJ7wv7M16opIMKMsIAK4KAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB0dL9cb852Pr7U5_teTtdQ&google_cver=1

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZJ7wv7M16opIMKMsIAK4KAAADvQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZJ7wv7M16opIMKMsIAK4KAAADvQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO1zifGNRazoiiLQNx0uuf0&google_cver=1

Request Chain 117

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=index HTTP 302
https://r.bidswitch.net/sync?bidswitch_ssp_id=index&bsw_custom_parameter=30c28880-f135-45df-9a1a-123ecbe9d4b2 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=30c28880-f135-45df-9a1a-123ecbe9d4b2&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dindex%26bsw_param%3D30c28880-f135-45df-9a1a-123ecbe9d4b2 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=40bb99ce-d487-4439-8cc0-4f633e1bfa69%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dindex%252526bsw_param%25253D30c28880-f135-45df-9a1a-123ecbe9d4b2%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6b724462-72fa-46ba-9c10-3c9c030bc1d5&ttd_puid=40bb99ce-d487-4439-8cc0-4f633e1bfa69%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dindex%2526bsw_param%253D30c28880-f135-45df-9a1a-123ecbe9d4b2%2C HTTP 302
https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=index&bsw_param=30c28880-f135-45df-9a1a-123ecbe9d4b2 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=30c28880-f135-45df-9a1a-123ecbe9d4b2&gdpr=&gdpr_consent=&us_privacy=

Request Chain 118

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8780596409763565358

Request Chain 119

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=b05f9972-88ff-4817-a911-8a70eb8251d2&expiration=1719760319

Request Chain 124

https://match.adsrvr.org/track/cmf/openx?oxid=260f4daf-3bd5-30ed-4c5a-6c17bb76b1f5&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=260f4daf-3bd5-30ed-4c5a-6c17bb76b1f5&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=6b724462-72fa-46ba-9c10-3c9c030bc1d5&ttd_puid=260f4daf-3bd5-30ed-4c5a-6c17bb76b1f5&gdpr=0&gdpr_consent=

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGE2MDllNjUtZjJhMi02ZTQ5LTU5YmEtMzZhZTcxOTQ3Zjk1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGE2MDllNjUtZjJhMi02ZTQ5LTU5YmEtMzZhZTcxOTQ3Zjk1&google_tc=

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE1VY_CcqCsoAR8vJxQG4Fs&google_cver=1

Request Chain 128

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 129

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LJIPQAMP-Z-B9FL HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LJIPQAMP-Z-B9FL&ex=d-rubiconproject.com&status=ok

Request Chain 131

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1783777322866507464

Request Chain 133

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCMHgwN0pQZUlBQUNSNGwxSTU4QQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAB0x07JPeIAACR4l1I58A&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB0x07JPeIAACR4l1I58A&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAB0x07JPeIAACR4l1I58A&pid=558502&do=add&gdpr=0 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB0x07JPeIAACR4l1I58A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=1448414310149459964&gdpr=0&gdpr_consent= HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB0x07JPeIAACR4l1I58A&gdpr=0&gdpr_consent=

Request Chain 134

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6bb0649e-f0c0-4d00-bb72-31bc0765c9c4&gdpr=0&gdpr_consent=

Request Chain 136

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8780596409763565358&gdpr=0&gdpr_consent=

Request Chain 137

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TbjUah28jj9Wv9Q3Ge3Abk20j21Wu9Q-H-rVkaGl

Request Chain 138

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=76962ef6-1758-11ee-af13-5f9bbfc5070b

Request Chain 140

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:I321QrfV1QffMY5&gdpr=0&gdpr_consent=

Request Chain 141

https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=b05f9972-88ff-4817-a911-8a70eb8251d2&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2

Request Chain 142

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&gdpr=0&gdpr_consent=

Request Chain 143

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 144

https://ums.acuityplatform.com/tum?umid=6 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=795479323761

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w6f7D-EUQMmHyPprhDl24g%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 148

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C3A7FB0F-E114-40C9-87C8-FA6B843976E2 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=C3A7FB0F-E114-40C9-87C8-FA6B843976E2 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=40bb99ce-d487-4439-8cc0-4f633e1bfa69%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6b724462-72fa-46ba-9c10-3c9c030bc1d5&ttd_puid=40bb99ce-d487-4439-8cc0-4f633e1bfa69%2C%2C

Request Chain 149

https://eb2.3lift.com/xuid?mid=7976&xuid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=

Request Chain 150

https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&gdpr=0&gdpr_consent= HTTP 302
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&vxii_pid=12&vxii_pid1=10067&vxii_rcid=3587025c-27cc-4e66-91f3-41971601a959

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzNBN0ZCMEYtRTExNC00MEM5LTg3QzgtRkE2Qjg0Mzk3NkUy&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN07dI0sDKQr6er-RoanQ_s&google_cver=1

Request Chain 153

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:AD8E4C81138A47AD9B352AC9EEBA7388

Request Chain 154

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3039655696692765300&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 155

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6b724462-72fa-46ba-9c10-3c9c030bc1d5&gdpr=0&gdpr_consent=

Request Chain 156

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XCin_9FE2uXL1jzo7NhmsU4FTclcqPE-~A&gdpr=0

Request Chain 158

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1d4186035e70fdd&is_secure=true&networkId=17100&version=1&nuid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHTGW7QckwlwNfxmKbAAAAAAA&expiration=1688224321&nuid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 160

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dfaa0c26-655b-4adc-9f59-33a4b9ffad62&gdpr=0&gdpr_consent=

Request Chain 161

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=30c28880-f135-45df-9a1a-123ecbe9d4b2 HTTP 302
https://a.usbrowserspeed.com/cs?puid=1ded66ff-8631-50e5-9153-a38e0df13db2&pid=lc&r=https%3a%2f%2fmatch%2eprod%2ebidr%2eio%2fcookie%2dsync%2ffivebyfive%3fr%3dhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526bidswitch_ssp_id%253dpubmatic HTTP 302
https://match.prod.bidr.io/cookie-sync/fivebyfive?r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26bidswitch_ssp_id%3dpubmatic HTTP 303
https://a.usbrowserspeed.com/cs?pid=beeswax&puid=AAB0x07JPeIAACR4l1I58A&r=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26bidswitch_ssp_id%3Dpubmatic HTTP 302
https://a.clickcertain.com/px/img/bidswitch/?done=true&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=179&user_id=39d15267-3492-420b-8398-3dfff23d89c6&expires=5&user_group=0&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=30c28880-f135-45df-9a1a-123ecbe9d4b2&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 162

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e14be83c-1342-4d20-be20-a9e1b58a96ff-649ef0c1-5553&gdpr=0&gdpr_consent=

Request Chain 164

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6877677253035538772

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBmKSJ0yZF70oCDxjqYa0yE&google_cver=1

Request Chain 199

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/LZ_osEKkmlc5yDstwI2G-g?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0xTTEiBE2oJsVbGGHT7w_gtJKD1IMnBIJdjnEg--~A

Request Chain 200

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6b724462-72fa-46ba-9c10-3c9c030bc1d5&gdpr=0&gdpr_consent=&expires=30

Request Chain 201

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEpJUFFBTVAtWi1COUZM HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC8neeSa_XwkGxU7K5Q73tU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpJUFFBTVAtWi1COUZM&google_push=

Request Chain 203

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZET1az-yQjSHSRgDqKdPyA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZET1az-yQjSHSRgDqKdPyA

Request Chain 204

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTQ0YjQyYjI2MjZlMjM0MzU0YzY0YmVmMzgyNmQxZWNiYWRjNzhkMQ

Request Chain 205

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJIPQAMP-Z-B9FL

Request Chain 206

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west HTTP 301
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west

Request Chain 215

https://ups.analytics.yahoo.com/ups/58675/occ?gdpr=0&gdpr_consent= HTTP 302
https://u.4dex.io/setuid?bidder=yahoo&uid=y-NkGM3pZE2uGJL_RIQB0NOvhNVpamC44SzZSynQQ-~A&gdpr=0

Request Chain 272

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1

Request Chain 273

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJ7wv7M16opIMKMsIAK4KAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1

Request Chain 274

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEsCszh4v5pZ82GqiRlInRE&google_cver=1

Request Chain 275

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc4MDU5NjQwOTc2MzU2NTM1OA%3D%3D

Request Chain 276

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1

Request Chain 277

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJ7wv7M16opIMKMsIAK4KAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1

Request Chain 278

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEsCszh4v5pZ82GqiRlInRE&google_cver=1

Request Chain 279

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc4MDU5NjQwOTc2MzU2NTM1OA%3D%3D

Request Chain 280

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1

Request Chain 281

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJ7wv7M16opIMKMsIAK4KAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1

Request Chain 282

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEsCszh4v5pZ82GqiRlInRE&google_cver=1

Request Chain 283

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc4MDU5NjQwOTc2MzU2NTM1OA%3D%3D

Request Chain 284

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1

Request Chain 285

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJ7wv7M16opIMKMsIAK4KAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1

Request Chain 286

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEsCszh4v5pZ82GqiRlInRE&google_cver=1

Request Chain 287

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc4MDU5NjQwOTc2MzU2NTM1OA%3D%3D

Request Chain 288

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHG4neOKdXaWKSbG9a9BVf4&google_cver=1

Request Chain 289

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGE2MDllNjUtZjJhMi02ZTQ5LTU5YmEtMzZhZTcxOTQ3Zjk1

Request Chain 290

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEAsyjuQF7iJmtjiA2SF8_kA&google_cver=1

Request Chain 291

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDZhMzQyOWYtNWM4ZC00ZWE3LTk5N2EtZmVmNjE5ODY4NzJh

Request Chain 292

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHG4neOKdXaWKSbG9a9BVf4&google_cver=1

Request Chain 293

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGE2MDllNjUtZjJhMi02ZTQ5LTU5YmEtMzZhZTcxOTQ3Zjk1

Request Chain 294

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEAsyjuQF7iJmtjiA2SF8_kA&google_cver=1

Request Chain 295

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=N2FiNGY0MGMtODg3YS00NTk3LWEzMjItNzFhZDBmOTJmZjI1

Request Chain 296

https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LJIPQAMP-Z-B9FL HTTP 302
https://u.4dex.io/setuid?bidder=rubicon&uid=LJIPQAMP-Z-B9FL

Request Chain 300

https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D HTTP 302
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZJ7wv7M16opIMKMsIAK4KAAADvQAAAAB

Request Chain 318

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fcrescent-star.jugem.jp%2F&domain=crescent-star.jugem.jp&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=xGdSlHxHRHdZYVBVNm1pNWJyai9UdmN3VVhCUWNhd2NOM1dnbE9QTWJtSWp2cjErUFJTbjgxOHNqSFllVDdsbFNndlkvdnFrUWlTWVpaaDduMDZUUU9ZTXM4VWJJb3ZINGl3S00vdU13b1pSc1FPWk1PSUduZytsQXFMa0xmdFpoVnVRQko2cjNmNEtuTkVjVVl4YTl5Wjdvb1pYUHYzYk8vY3dkRlN5MlhrTUsrdDFMaDc5R3F4ZWpqTElKUW1KNitmZXVwMjl1bFRDdXU4ODNiY0JUTWdERUR2QWpiK3AxSE1pZ3FNd3F6YkQrTFh2dUlvZGNWa1FPcmhlWnk2YWpuL2xXfA&cppv=2

Request Chain 322

https://y.one.impact-ad.jp/push_sync HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tvu5f2p&ttd_tpi=1 HTTP 302
https://y.one.impact-ad.jp/cs?d=247&uid=6b724462-72fa-46ba-9c10-3c9c030bc1d5&tg=2&et=30&r=no&ttl=1690729923 HTTP 302
https://penta.a.one.impact-ad.jp/psm/1.0/actualizar

Request Chain 327

https://cr-p31.ladsp.com/cookiesender/31 HTTP 302
https://cr-p31.ladsp.com/cookiesender/31?cr=true

Request Chain 345

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=6b724462-72fa-46ba-9c10-3c9c030bc1d5&dongle=0cfd&gdpr=0&gdpr_consent=

Request Chain 346

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Nzg3NTE1OTYxODkxMDMyMTQyNzc%3D HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 347

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFnq_bpfhYnboMNwdx3YL24&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 348

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Nzg3NTE1OTYxODkxMDMyMTQyNzc%3D

Request Chain 350

https://x.bidswitch.net/sync?ssp=triplelift&user_id=78751596189103214277&gdpr=0&gdpr_consent= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=4a36156e-1601-4858-ad5c-2547b927dc07&ssp=triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=30c28880-f135-45df-9a1a-123ecbe9d4b2&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 352

https://pr-bh.ybp.yahoo.com/sync/triplelift/78751596189103214277?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-7_pe6P9E2oRkXwVcmVX1ZFmO21lQYFG3zZvpSRsTaw--~A&dongle=0883

Request Chain 353

https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
https://stags.bluekai.com/site/23178?id=fLhZKkf-F94P2UhaE5Pr&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MZGGQWSLNNTC2RRZGRIDEVLIMFCTKUDS&gdpr=0 HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MZGGQWSLNNTC2RRZGRIDEVLIMFCTKUDS HTTP 302
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=fLhZKkf-F94P2UhaE5Pr

Request Chain 354

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=8780596409763565358&dongle=4d58&gdpr=0&gdpr_consent=

Request Chain 387

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8780596409763565358

Request Chain 389

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZJ7wwwAVnUBCTwBS HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZJ7wwwAVnUBCTwBS&_test=ZJ7wwwAVnUBCTwBS

Request Chain 390

https://match.prod.bidr.io/cookie-sync/ie HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAB0x07JPeIAACR4l1I58A&expiration=1689347523

Request Chain 392

https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZJ7wv7M16opIMKMsIAK4KAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662096371883186

Request Chain 393

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=I321QrfV1QffMY5

Request Chain 394

https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=76962ef6-1758-11ee-af13-5f9bbfc5070b

Request Chain 397

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1688137923870 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=3242509303 HTTP 302
https://sync.1rx.io/usersync/turn/3039655696692765300?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b6f24ba6-27de-43b3-9293-bb8625f3db48-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-b6f24ba6-27de-43b3-9293-bb8625f3db48-005 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b6f24ba6-27de-43b3-9293-bb8625f3db48-005

Request Chain 398

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&gdpr=0&gdpr_consent=

Request Chain 400

https://gocm.c.appier.net/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=lAEJRVoTA4yK6bW9xPCeZA

Request Chain 401

https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=d2cc978e-e4b4-4edd-80d9-ad2c4a908504

Request Chain 404

https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7414243241464908987&uid=Q7414243241464908987&ref=%2Fepm HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7414243241464908987

Request Chain 405

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AD8E4C81138A47AD9B352AC9EEBA7388&gdpr=0&gdpr_consent=

Request Chain 410

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8780596409763565358

422 HTTP transactions
25 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
crescent-star.jugem.jp/ 255 KB
34 KB 1430ms
197ms Document
text/html 35.75.154.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://crescent-star.jugem.jp/
Protocol: HTTP/1.1
Server: 35.75.154.223 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-75-154-223.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 5dd37516fd86f25d99f70735f06df6a85ff0b2fe48668b1587c50490bedfe24b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=180
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 30 Jun 2023 15:11:56 GMT
ETag: W/"63d15d53-3faa9"
Expires: Fri, 30 Jun 2023 15:14:56 GMT
Last-Modified: Wed, 25 Jan 2023 16:48:19 GMT
Server: nginx/1.18.0
Transfer-Encoding: chunked

GET
H/1.1 200
OK jm_style.css
crescent-star.jugem.jp/ 7 KB
8 KB 341ms
192ms Stylesheet
text/css 35.75.154.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://crescent-star.jugem.jp/jm_style.css
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: HTTP/1.1
Server: 35.75.154.223 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-75-154-223.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 5e58f953a0df1ef7609effed0421e06c945d92752adf548452b8aab1a875ac35

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:11:56 GMT
Last-Modified: Wed, 14 Dec 2022 01:34:32 GMT
Server: nginx/1.18.0
ETag: "63992828-1cdb"
Content-Type: text/css
Cache-Control: max-age=180
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7387
Expires: Fri, 30 Jun 2023 15:14:56 GMT

GET
H/1.1

200
OK

cookie.js Show response
imaging.jugem.jp/template/js/
Redirect Chain

http://crescent-star.jugem.jp/template/js/cookie.js
http://imaging.jugem.jp/template/js/cookie.js

1 KB
2 KB

83ms
35ms

Script
application/javascript

2600:9000:254a:1000:13:9454:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://imaging.jugem.jp/template/js/cookie.js
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: HTTP/1.1
Server: 2600:9000:254a:1000:13:9454:1700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c8dfc8418f7c2ae54a0eca38c5c633ea887b3760f7ebd67a886b08d35fdeb76

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 05:17:32 GMT
Via: 1.1 7f30a4c61fd2c4e27ee212f1195d6f3c.cloudfront.net (CloudFront)
Last-Modified: Thu, 29 May 2014 11:02:55 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:usr0600238/gid:20/mode:33188/mtime:1401342085/atime:1401358797/ctime:1401342085
X-Amz-Cf-Pop: MSP50-P2
Age: 35666
ETag: "2b15afa92ef73b696f7b007214887c56"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1283
X-Amz-Cf-Id: SYWCuMKRPkDVyAl860ihHUJ8bJnCv6UqMl2eNyJFRdy5ARdPOM-moQ==

Redirect headers

Location: http://imaging.jugem.jp/template/js/cookie.js
Date: Fri, 30 Jun 2023 15:11:56 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H2 200 jugem.min.js Show response
flux-cdn.com/client/mediano/ 566 KB
138 KB 139ms
38ms Script
text/javascript 18.160.181.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flux-cdn.com/client/mediano/jugem.min.js
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.181.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-181-58.msp50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74f8eb7d67a652edd85f6135dbd1e34f98fba512937982a8f35d353396598736

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: DDZzxm2Iz22lq3yhXHu.ldh_iNg3A4J0
content-encoding: br
via: 1.1 7f30a4c61fd2c4e27ee212f1195d6f3c.cloudfront.net (CloudFront)
date: Fri, 30 Jun 2023 15:08:13 GMT
last-modified: Tue, 27 Jun 2023 09:56:23 GMT
server: AmazonS3
x-amz-cf-pop: MSP50-P2
age: 225
x-amz-server-side-encryption: AES256
etag: W/"a3d41464b4bfd50b300012a37a2d08d0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: hhA8vIc-3EAuLuAV2qtDYTj_IBdYngW8xuVj0WS2_Spz8EWJ5b2w9g==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
26 KB 178ms
87ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97dff70ce6f25f71e2c865ba43585da08c68e66460192b6c0fe0c9b610e98666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:11:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25861
x-xss-protection: 0
server: cafe
etag: 512 / 19538 / 31075744 / config-hash: 327100832698525116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:11:57 GMT

GET
H/1.1 200
OK tenten2.png
sleepingawake.org/ 359 B
644 B 1312ms
191ms Image
image/png 157.7.107.75
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sleepingawake.org/tenten2.png
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: HTTP/1.1
Server: 157.7.107.75 Naritahigashi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-75.virt.lolipop.jp
Software: Apache /
Resource Hash: 6bd2041394360c069e86d56c01badd656d5a2732bc545d391dfe6b9f59287b42

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Dec 2011 02:08:48 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: none
Content-Length: 382

GET
H/1.1 200
OK logo.svg
corp.rakuten.co.jp/assets/img/common/ 2 KB
1 KB 1174ms
183ms Image
image/svg+xml 133.237.60.111
RAKUTEN Rakuten G...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corp.rakuten.co.jp/assets/img/common/logo.svg

Requested by

Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

133.237.60.111 , Japan, ASN23820 (RAKUTEN Rakuten Group, Inc., JP),

Reverse DNS

corp.rakuten.co.jp

Software

Apache /

Resource Hash

adf5fb1d90811bfe8d6ab1a3fcbba6966c94215548bfa8217d2ed9644e5dc629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 01 Jul 2018 14:56:09 GMT
Server: Apache
ETag: "72a-56ff14803d4d6-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: close
Accept-Ranges: bytes
Content-Length: 946
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 69ms
28ms Script
application/javascript 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: HTTP/1.1
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D2E) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:11:57 GMT
Content-Encoding: gzip
Age: 958
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (nyb/1D2E)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H/1.1 200
OK 20220517_4145315.png
img-cdn.jg.jugem.jp/d39/21822/ 3 KB
3 KB 98ms
61ms Image
image/png 2600:9000:254a:1a00:1d:8805:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img-cdn.jg.jugem.jp/d39/21822/20220517_4145315.png
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: HTTP/1.1
Server: 2600:9000:254a:1a00:1d:8805:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba4924716ed0580ae30f974eebb97421a2c10c1e2cf61e8ad60fcd39d8fbca30

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 03:00:35 GMT
x-amz-version-id: QtPh8sY4s9gFFdXTLELwj0FWismHs1v6
Via: 1.1 48a0ac8b67842a09a9b585c294dc3108.cloudfront.net (CloudFront)
Last-Modified: Mon, 16 May 2022 17:22:19 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MSP50-P2
Age: 43883
ETag: "5dc3fb68ca54c0446848c5786df4063c"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2909
X-Amz-Cf-Id: CKSlP7UOtwcHb3kp3Srx5EliqUwQaTLQ8J55--_jAyXiSpLw8O7zwg==

GET
H2 404 z18fckmg62hy9vx.png
i.loli.net/2020/06/27/ 14 KB
14 KB 827ms
36ms Image
image/png 2606:4700:20::681a:1be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.loli.net/2020/06/27/z18fckmg62hy9vx.png

Requested by

Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a810996e1b9632593734f13a465418280c6fc1ba72f1aff719577192dd47df85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:11:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 42047
etag: "5fc7a4db-37ba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7i8ujvUzmKGmHDfrLAEj8DKlTdbqvUosIqsntQEMrr3W%2BzAbeZLfhN4Ov9ylwqy8WDvuUBEvOMhfmDZNcsrSfMA2ouV8%2FAwJfDjfd1WOuNsAFutXByxRTjPUBgIq1w0d21tGVxc3ArE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
cf-ray: 7df758433c728cdd-EWR
alt-svc: h3=":443"; ma=86400
content-length: 14266

GET
H/1.1 200
OK uetop2.png
sleepingawake.org/ 1 KB
1 KB 1218ms
194ms Image
image/png 157.7.107.75
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sleepingawake.org/uetop2.png
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: HTTP/1.1
Server: 157.7.107.75 Naritahigashi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-75.virt.lolipop.jp
Software: Apache /
Resource Hash: e5026624c5b29b8e398d88b4ce18332e37e2db46704ed34697c4cbbe45683ecd

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Dec 2011 02:19:57 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: none
Content-Length: 1193

GET
H2 200 userblog_jugem_bnr.png
imaging.jugem.jp/user_blog/ad/ 33 KB
34 KB 43ms
42ms Image
image/png 2600:9000:254a:400:13:9454:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imaging.jugem.jp/user_blog/ad/userblog_jugem_bnr.png
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:254a:400:13:9454:1700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 439b43b7234d74128cdb70a2ad0e2528dc19232c0ec7449dd5601069da931484

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:11:23 GMT
via: 1.1 1fbbcee3d0a9a9f2dd5bf10778d22654.cloudfront.net (CloudFront)
last-modified: Wed, 31 Mar 2021 11:40:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1617184617/ctime:1617182882/gid:20/gname:staff/md5:dee800bc73e25f496e5a45693f07752d/mode:33188/mtime:1617182521/uid:503/uname:m.aoyama
x-amz-cf-pop: MSP50-P2
age: 32242
etag: "dee800bc73e25f496e5a45693f07752d"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 34203
x-amz-cf-id: _atzj9-aFLo8fXJqAKI98NuIflb7oIk9BJEQtqaSdO-AzXm20giIRw==

GET
H2

200

booklog_minishelf.js Show response
widget.booklog.jp/blogparts/js/
Redirect Chain

http://widget.booklog.jp/blogparts/js/booklog_minishelf.js?handwrite
https://widget.booklog.jp/blogparts/js/booklog_minishelf.js?handwrite

4 KB
5 KB

158ms
69ms

Script
application/javascript

54.230.202.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.booklog.jp/blogparts/js/booklog_minishelf.js?handwrite
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Server: 54.230.202.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-202-56.msp50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0bd398ef8e97aa407613f0d98cac2630096569c23495fa46516de00d04b6f674

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:11:57 GMT
via: 1.1 733555dc3e262ab7600bcb4af1e80756.cloudfront.net (CloudFront)
last-modified: Fri, 14 Aug 2020 03:41:49 GMT
server: AmazonS3
x-amz-cf-pop: MSP50-C2
age: 32629
etag: "382e494a6f83bfc877935e3fef2e5b02"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4415
x-amz-cf-id: NkSDvcGk1iVZ_koDlhHwKO1DxoUnhLkSyk_Lsp9c3U97a9Xv_-l8ZA==

Redirect headers

Date: Fri, 30 Jun 2023 15:11:57 GMT
Via: 1.1 b3c0326ca0796e8310cefb28443a7ec0.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: MSP50-C2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://widget.booklog.jp/blogparts/js/booklog_minishelf.js?handwrite
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: tlWoy36k0x3Y1wiqX04mAJwomcSrLhwz4BTK69yoV2fhKI9EsSUxxQ==

GET
H/1.1

200
OK

mingman Show response
api.booklog.jp/v2/json/
Redirect Chain

http://api.booklog.jp/json/mingman?category=0&count=15&callback=booklog_minishelf
http://api.booklog.jp/v2/json/mingman?category=0&count=15&callback=booklog_minishelf

4 KB
2 KB

1095ms
1095ms

Script
text/html

52.197.128.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://api.booklog.jp/v2/json/mingman?category=0&count=15&callback=booklog_minishelf
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: HTTP/1.1
Server: 52.197.128.148 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-128-148.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 43640aa7fa36c819c311bbae8212adc32e8ed3d16c21c45a8609560dc4cf6124

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:11:58 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Location: /v2/json/mingman?category=0&count=15&callback=booklog_minishelf
Date: Fri, 30 Jun 2023 15:11:57 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

/ Show response
www.ntv.co.jp/mobile/
Redirect Chain

http://www.ntv.co.jp/appli/serverdata/cooking/AC_OETags.js
https://www.ntv.co.jp/appli/serverdata/cooking/AC_OETags.js
https://www.ntv.co.jp/mobile/

0
0

383ms
382ms

Script
text/html

2600:9000:21fa:2200:18:99a3:d800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ntv.co.jp/mobile/
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Server: 2600:9000:21fa:2200:18:99a3:d800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date: Fri, 30 Jun 2023 15:11:58 GMT
via: 1.1 24d5e218dcc2925d4bfa8f6456f56a36.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MSP50-C1
x-cache: Miss from cloudfront
location: /mobile/
content-length: 0
x-amz-cf-id: oPfJw8KRunchX5Duk2yhgBB5n281nbEY9uUwUW6OmaJSe01xCSozTA==

GET
H2

200

/ Show response
www.ntv.co.jp/mobile/
Redirect Chain

http://www.ntv.co.jp/appli/serverdata/cooking/ntvKewpieCooking.js
https://www.ntv.co.jp/appli/serverdata/cooking/ntvKewpieCooking.js
https://www.ntv.co.jp/mobile/

0
0

374ms
373ms

Script
text/html

2600:9000:21fa:2200:18:99a3:d800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ntv.co.jp/mobile/
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Server: 2600:9000:21fa:2200:18:99a3:d800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date: Fri, 30 Jun 2023 15:11:58 GMT
via: 1.1 24d5e218dcc2925d4bfa8f6456f56a36.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MSP50-C1
x-cache: Miss from cloudfront
location: /mobile/
content-length: 0
x-amz-cf-id: -jtBYgD7I07R2EuBZlbrPrG8K4PhTadvM5o08eQDpfZK-CqRFOl5iA==

GET
H2

200

apstag.js Show response
c.amazon-adsystem.com/aax2/
Redirect Chain

http://c.amazon-adsystem.com/aax2/apstag.js
https://c.amazon-adsystem.com/aax2/apstag.js

236 KB
58 KB

476ms
40ms

Script
application/javascript

18.160.92.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Server: 18.160.92.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-92-44.msp50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83dd5a9512e50ec30c2a08621826980b7d9a59b2e40e2dfd42235e494eb4f456

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 14:57:08 GMT
content-encoding: gzip
via: 1.1 59b81441bdecd9de76068ebe80b6e96a.cloudfront.net (CloudFront), 1.1 0a7682e52ec0d34a2385a0d09b365afa.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 21:03:22 GMT
server: AmazonS3
x-amz-cf-pop: CMH68-P5, MSP50-P1
age: 890
x-amz-server-side-encryption: AES256
etag: W/"7c6a36eb4b73f6b7cf4a63a33418a2c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: rhwFTWnZgV6ZpzzkXrbuC9_QpxB2rLX37JiDDwxx_tQC86X2sB-8kw==

Redirect headers

Date: Fri, 30 Jun 2023 15:11:57 GMT
Via: 1.1 bb352451e1eacf85f8786ee3ecd07eca.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: MSP50-P1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://c.amazon-adsystem.com/aax2/apstag.js
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: 4BjNeddpO7rAmZA2es_pEhJAKBIHs4uzSAaQpnMKz976Q2XRUSJXVA==

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

52 KB
21 KB

494ms
33ms

Script
text/javascript

2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/

Protocol

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 13:18:40 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6797
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 30 Jun 2023 15:18:40 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 jg_ads_init_inactive.js Show response
imaging.jugem.jp/ad/ 3 KB
4 KB 123ms
34ms Script
application/javascript 2600:9000:254a:400:13:9454:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imaging.jugem.jp/ad/jg_ads_init_inactive.js?20130417b
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:254a:400:13:9454:1700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95bdfd6b0e09d82c645b3d4e4c96121b5a8f9a67b701d7e51c4ac0b33e291c47

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:00:09 GMT
via: 1.1 1fbbcee3d0a9a9f2dd5bf10778d22654.cloudfront.net (CloudFront)
last-modified: Thu, 29 May 2014 10:34:40 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:usr0600238/gid:20/mode:33188/mtime:1401342076/atime:1401358789/ctime:1401342076
x-amz-cf-pop: MSP50-P2
age: 83509
etag: "e712b97496720e0d8e99c03735339956"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3331
x-amz-cf-id: OVX9PRbL7-U4_S2BNDxWbJLfA1UTqvPFhRlfQ0fM2NC0bXGPLChBnA==

GET
H2 200 jg_ads_init_display2.js Show response
imaging.jugem.jp/ad/ 4 KB
5 KB 35ms
35ms Script
application/javascript 2600:9000:254a:400:13:9454:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imaging.jugem.jp/ad/jg_ads_init_display2.js?20131004
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:254a:400:13:9454:1700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b5992f584c253d4dc931307e5414c2e099fbcacc3191be8681fa3b34e5dce67

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:02:06 GMT
via: 1.1 1fbbcee3d0a9a9f2dd5bf10778d22654.cloudfront.net (CloudFront)
last-modified: Thu, 29 May 2014 10:34:40 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:usr0600238/gid:20/mode:33188/mtime:1401342076/atime:1401358789/ctime:1401342076
x-amz-cf-pop: MSP50-P2
age: 76192
etag: "47f8ffa622c5e66d000aa3723417381c"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4271
x-amz-cf-id: vSJBaRZo6NltiyPuXh5UJGq9cHBr8BasDa5lFEon3ITLgRkn4ns6kw==

GET 20110708_2024250.png
img.missvonsmith.sleepingawake.org/ 0
0

GET
H/1.1 200
OK e192.png
sleepingawake.org/temp-birdynite/ 127 KB
127 KB 954ms
187ms Image
image/png 157.7.107.75
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sleepingawake.org/temp-birdynite/e192.png
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/jm_style.css
Protocol: HTTP/1.1
Server: 157.7.107.75 Naritahigashi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-75.virt.lolipop.jp
Software: Apache /
Resource Hash: b8e20a5af47c489fe5618f4aa95d354e47bedde462e494d412d63e65678e306a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Dec 2011 01:59:30 GMT
Server: Apache
Transfer-Encoding: chunked
Vary: Range,Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: none

GET
H/1.1 200
OK birdyheaderimg.png
sleepingawake.org/temp-birdynite/ 103 KB
96 KB 958ms
192ms Image
image/png 157.7.107.75
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sleepingawake.org/temp-birdynite/birdyheaderimg.png
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/jm_style.css
Protocol: HTTP/1.1
Server: 157.7.107.75 Naritahigashi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-75.virt.lolipop.jp
Software: Apache /
Resource Hash: 0cc248beec8b69f5a104c7566a9d5d0351b8af6384da2913bf7c1462f26416d8

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Dec 2011 01:50:09 GMT
Server: Apache
Transfer-Encoding: chunked
Vary: Range,Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: none

GET
H/1.1 200
OK jm_style.css
crescent-star.jugem.jp/ 7 KB
7 KB 185ms
185ms Image
text/css 35.75.154.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://crescent-star.jugem.jp/jm_style.css
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/jm_style.css
Protocol: HTTP/1.1
Server: 35.75.154.223 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-75-154-223.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/jm_style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:11:57 GMT
Last-Modified: Wed, 14 Dec 2022 01:34:32 GMT
Server: nginx/1.18.0
ETag: "63992828-1cdb"
Content-Type: text/css
Cache-Control: max-age=180
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7387
Expires: Fri, 30 Jun 2023 15:14:57 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/ 392 KB
125 KB 34ms
33ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 13:36:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5722
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127514
x-xss-protection: 0
server: cafe
etag: 13498126467117012333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 29 Jun 2024 13:36:35 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 315ms
25ms XHR
application/json 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d4be49a1fb727d8504115ddecec10dba598d4bffb9060b22c5cf8a65c57796d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 30 Jun 2023 15:11:57 GMT
x-content-type-options: nosniff
content-encoding: br
age: 40266
x-jsd-version: 1.0.1736
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 843
x-served-by: cache-fra-eddf8230103-FRA, cache-ewr18144-EWR
x-jsd-version-type: version
etag: W/"63e-ESKl6iXYMygNAZ2dFQmeOgrJU+I"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

sdk.js Show response
connect.facebook.net/ja_JP/
Redirect Chain

http://connect.facebook.net/ja_JP/sdk.js
https://connect.facebook.net/ja_JP/sdk.js

3 KB
2 KB

98ms
30ms

Script
application/x-javascript

2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js

Requested by

Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/

Protocol

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6dc2e789c5bfb247704b0d1aab9006a3636cc34df648cd39ef1a749a6253f2c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 15:11:58 GMT
content-md5: esdsaL3nGAhtv5Bk5amyuA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1683
x-fb-debug: uM66DRKoYjET6L7NQNsOHeFaiH5IcmOJI+weBkk0Ra6CKzpLUnoDWyAC1ZmDVyw4xv1ZqTUQVgUcRWCO4VX3ig==
x-fb-content-md5: 53aec07a6a47f2c21d38af73713df7c3
cross-origin-opener-policy: same-origin-allow-popups
etag: "68f05b6441c49ee82dc64d277e34ca96"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:30:10 GMT

Redirect headers

Location: https://connect.facebook.net/ja_JP/sdk.js#xfbml=1&version=v2.5&appId=264046217008105
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H2 200 Collect Show response
a.flux.jp/analytics.collect.v1.CollectService/ 2 B
567 B 884ms
640ms XHR
application/json 34.160.89.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.89.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.89.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Jun 2023 15:11:58 GMT
content-encoding: gzip
via: 1.1 google
accept-encoding: gzip
server: Google Frontend
traceparent: 00-85f81318a567f7da829ee4b212369496-e38f1c722eef283e-00
vary: Origin
content-type: application/json
access-control-allow-origin: http://crescent-star.jugem.jp
access-control-expose-headers: Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context: 85f81318a567f7da829ee4b212369496/16397356045018540094
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26

GET
H/1.1 200
OK entrybg.png
sleepingawake.org/temp-birdynite/ 216 KB
216 KB 744ms
195ms Image
image/png 157.7.107.75
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sleepingawake.org/temp-birdynite/entrybg.png
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/jm_style.css
Protocol: HTTP/1.1
Server: 157.7.107.75 Naritahigashi, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-75.virt.lolipop.jp
Software: Apache /
Resource Hash: fe47b38358f1494210196965c28936a136dd03b387024d00c8c7737b460a3a72

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Dec 2011 01:44:01 GMT
Server: Apache
Transfer-Encoding: chunked
Vary: Range,Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: none

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
306 B 75ms
75ms XHR
text/plain 18.160.92.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3945&u=http%3A%2F%2Fcrescent-star.jugem.jp
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.92.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-92-44.msp50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:11:57 GMT
via: 1.1 0a7682e52ec0d34a2385a0d09b365afa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MSP50-P1
x-cache: Miss from cloudfront
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: t00Ckg5si8F-LiWR-JWHmuEkLNWamp4LO9d8JGIXdWPNMZkLtaMPeA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 138 B
583 B 266ms
155ms XHR
text/javascript 18.160.97.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3945&u=http%3A%2F%2Fcrescent-star.jugem.jp%2F&pid=iPMmB4EnxtlOk&cb=0&ws=1600x1200&v=23.612.1758&t=1000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1621996524994-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F66065524%2Fjugem_pc_inactive%2Fjugem_pc_inactive_footer_1_left%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1621996441547-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F66065524%2Fjugem_pc_inactive%2Fjugem_pc_inactive_footer_1_right%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1621996650583-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F66065524%2Fjugem_pc_inactive%2Fjugem_pc_inactive_header_left%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1621996615851-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F66065524%2Fjugem_pc_inactive%2Fjugem_pc_inactive_header_right%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1621996811310-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F66065524%2Fjugem_pc_inactive%2Fjugem_pc_inactive_footer_2_left%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1621996765744-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F66065524%2Fjugem_pc_inactive%2Fjugem_pc_inactive_footer_2_right%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.97.132 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-97-132.msp50.r.cloudfront.net

Software

Server /

Resource Hash

f0457e2978b1050f0bf7b8e79e1deb1973c8a7a22d330d4eec779bfdacd24e1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:11:58 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 ed8b80e5737f346295d71c88336826b6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MSP50-P1
x-amz-rid: 9P7Q9Y7PZWAY1NGZFQZ2
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://crescent-star.jugem.jp
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 138
x-amz-cf-id: D6XmOUWHWxsGRpYwYfka4BM_mUmnLe-guy3o5Pi1uzV3b1v-7V12ZA==

GET aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 0
0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 109ms
108ms XHR
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=803759924&t=pageview&_s=1&dl=http%3A%2F%2Fcrescent-star.jugem.jp%2F&ul=en-us&de=EUC-JP&dt=%E2%98%85blue%20crescent*star%E2%98%85second&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACAABBAAAAC~&jid=684035002&gjid=1462869152&cid=1672754536.1688137918&tid=UA-26106898-2&_gid=1443944505.1688137918&_r=1&_slc=1&cd1=0&cd2=none&cd3=none&cd8=none&cd9=none&cd10=none&z=34403735

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:11:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1019 B 127ms
50ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Tue, 06 Jun 2023 12:52:55 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1414562
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fYu08po0MvcRzfrqDB6pUvxxrT%2Bj5UYMzwSVtp3Gds8ft5UiXJqgZIedA0%2FrEFeJBuVhxHgrQprjF0PzjSBkfVEsnOBlgF22XepguvqGYlI75et2m4QFXjoAtLdgesZc8x8Xz9%2FK3vI2PwM"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7df75845cee18c47-EWR

POST
H2 200 prebid Show response
pb.ladsp.com/adrequest/ 91 B
477 B 629ms
190ms XHR
application/json 13.113.171.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.ladsp.com/adrequest/prebid
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.171.214 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-171-214.ap-northeast-1.compute.amazonaws.com
Software: Logicad/DADServer /
Resource Hash: e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:11:58 GMT
content-encoding: gzip
server: Logicad/DADServer
vary: Accept-Encoding, User-Agent
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type: application/json;charset=utf-8
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 104
expires: -1

POST
H2 200 prebid Show response
pb.ladsp.com/adrequest/ 91 B
476 B 630ms
191ms XHR
application/json 13.113.171.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.ladsp.com/adrequest/prebid
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.171.214 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-171-214.ap-northeast-1.compute.amazonaws.com
Software: Logicad/DADServer /
Resource Hash: e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:11:58 GMT
content-encoding: gzip
server: Logicad/DADServer
vary: Accept-Encoding, User-Agent
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type: application/json;charset=utf-8
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 104
expires: -1

POST
H2 200 prebid Show response
pb.ladsp.com/adrequest/ 91 B
476 B 793ms
355ms XHR
application/json 13.113.171.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.ladsp.com/adrequest/prebid
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.171.214 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-171-214.ap-northeast-1.compute.amazonaws.com
Software: Logicad/DADServer /
Resource Hash: e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:11:59 GMT
content-encoding: gzip
server: Logicad/DADServer
vary: Accept-Encoding, User-Agent
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type: application/json;charset=utf-8
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 104
expires: -1

POST
H2 200 prebid Show response
pb.ladsp.com/adrequest/ 91 B
476 B 790ms
353ms XHR
application/json 13.113.171.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.ladsp.com/adrequest/prebid
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.171.214 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-171-214.ap-northeast-1.compute.amazonaws.com
Software: Logicad/DADServer /
Resource Hash: e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:11:59 GMT
content-encoding: gzip
server: Logicad/DADServer
vary: Accept-Encoding, User-Agent
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type: application/json;charset=utf-8
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 104
expires: -1

POST
H2 200 prebid Show response
pb.ladsp.com/adrequest/ 91 B
476 B 795ms
358ms XHR
application/json 13.113.171.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.ladsp.com/adrequest/prebid
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.171.214 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-171-214.ap-northeast-1.compute.amazonaws.com
Software: Logicad/DADServer /
Resource Hash: e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:11:59 GMT
content-encoding: gzip
server: Logicad/DADServer
vary: Accept-Encoding, User-Agent
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type: application/json;charset=utf-8
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 104
expires: -1

POST
H2 200 prebid Show response
pb.ladsp.com/adrequest/ 91 B
476 B 798ms
361ms XHR
application/json 13.113.171.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.ladsp.com/adrequest/prebid
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.171.214 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-171-214.ap-northeast-1.compute.amazonaws.com
Software: Logicad/DADServer /
Resource Hash: e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:11:59 GMT
content-encoding: gzip
server: Logicad/DADServer
vary: Accept-Encoding, User-Agent
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type: application/json;charset=utf-8
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 104
expires: -1

POST
H2 204 bid Show response
rtb-jp.mediago.io/api/ 0
429 B 595ms
178ms XHR
text/plain 35.213.115.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-jp.mediago.io/api/bid?tn=8ae461f4f9768b7d69acf831d84e929d
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.115.3 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 3.115.213.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Jun 2023 15:11:58 GMT
content-encoding: gzip
via: 1.1 google
nbr: dsp
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: http://crescent-star.jugem.jp
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, Nbr, Dtt, Lid
dtt: 0
access-control-allow-credentials: true
vary: Accept-Encoding
rid: a81564e5b426a4d582c76d8ce3baf123
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
120 B 452ms
77ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://crescent-star.jugem.jp
date: Fri, 30 Jun 2023 15:11:58 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 prebid Show response
ad.as.amanad.adtdp.com/v2/ 68 B
751 B 580ms
174ms XHR
application/json 18.160.96.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.as.amanad.adtdp.com/v2/prebid?asi=l2CcyDz7g&skt=5&tid=f34bb293-085f-458b-9b94-e156dc02d654&prebid_id=23d9ce0c9260c8b&prebid_ver=7.29.0&page_url=http%3A%2F%2Fcrescent-star.jugem.jp%2F&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2278b372e7-0fef-425f-960e-cf7a799d731b%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.96.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-96-104.msp50.r.cloudfront.net

Software

Resource Hash

5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Jun 2023 15:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 da395de87b02a99be7cbefc91a6ab514.cloudfront.net (CloudFront)
x-amz-cf-pop: MSP50-P1
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 89
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: 15SfvITvEFvO6yCR7qYwZrMcxRQcD1KB6P8MGuVGp3dn2J5Vg4Wyyw==
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET
H2 200 prebid Show response
ad.as.amanad.adtdp.com/v2/ 68 B
750 B 579ms
173ms XHR
application/json 18.160.96.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.as.amanad.adtdp.com/v2/prebid?asi=uZj5sDknR&skt=5&tid=2c8d7855-608d-4174-bc0c-218ff962a567&prebid_id=2442cd3bb3efbeb&prebid_ver=7.29.0&page_url=http%3A%2F%2Fcrescent-star.jugem.jp%2F&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2278b372e7-0fef-425f-960e-cf7a799d731b%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.96.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-96-104.msp50.r.cloudfront.net

Software

Resource Hash

5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Jun 2023 15:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 da395de87b02a99be7cbefc91a6ab514.cloudfront.net (CloudFront)
x-amz-cf-pop: MSP50-P1
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 89
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: V9AjtJCWbY-x57XERoJZaU2U0jAjsaDuA1YkxumH7PfI0d04cUbD1A==
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET
H2 200 prebid Show response
ad.as.amanad.adtdp.com/v2/ 68 B
750 B 581ms
176ms XHR
application/json 18.160.96.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.as.amanad.adtdp.com/v2/prebid?asi=nm3csDknR&skt=5&tid=205dc95b-6d4a-430c-8941-56ffdd33e9db&prebid_id=25eb498ae095e0a&prebid_ver=7.29.0&page_url=http%3A%2F%2Fcrescent-star.jugem.jp%2F&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2278b372e7-0fef-425f-960e-cf7a799d731b%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.96.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-96-104.msp50.r.cloudfront.net

Software

Resource Hash

5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Jun 2023 15:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 da395de87b02a99be7cbefc91a6ab514.cloudfront.net (CloudFront)
x-amz-cf-pop: MSP50-P1
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 89
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: NQmhsU36GmPj4fxqMSf5b7xG-g_oc-bBQKI7YY_-tsxeHXHwhshczQ==
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET
H2 200 prebid Show response
ad.as.amanad.adtdp.com/v2/ 68 B
750 B 726ms
320ms XHR
application/json 18.160.96.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.as.amanad.adtdp.com/v2/prebid?asi=jwCcsvznR&skt=5&tid=d92c229d-536e-4282-a27d-c7f639e7ddaa&prebid_id=262fd9510cbb694&prebid_ver=7.29.0&page_url=http%3A%2F%2Fcrescent-star.jugem.jp%2F&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2278b372e7-0fef-425f-960e-cf7a799d731b%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.96.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-96-104.msp50.r.cloudfront.net

Software

Resource Hash

5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Jun 2023 15:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 da395de87b02a99be7cbefc91a6ab514.cloudfront.net (CloudFront)
x-amz-cf-pop: MSP50-P1
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 89
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: ENvmYgrIE6jo4y9uORZ5_6ZBqXkV22o5ob3t2Q1PH_GQPSzI6P35Ag==
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET
H2 200 prebid Show response
ad.as.amanad.adtdp.com/v2/ 68 B
752 B 580ms
175ms XHR
application/json 18.160.96.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.as.amanad.adtdp.com/v2/prebid?asi=TP35svzng&skt=5&tid=f841e35e-661f-4c18-ab18-d8ebebf54a1d&prebid_id=2788a2fc98648a6&prebid_ver=7.29.0&page_url=http%3A%2F%2Fcrescent-star.jugem.jp%2F&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2278b372e7-0fef-425f-960e-cf7a799d731b%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.96.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-96-104.msp50.r.cloudfront.net

Software

Resource Hash

5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Jun 2023 15:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 da395de87b02a99be7cbefc91a6ab514.cloudfront.net (CloudFront)
x-amz-cf-pop: MSP50-P1
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 89
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: XVgKJbMKdHI_EUYpkYTV1JkZ2XAwPe_K6jk3PnfV-hETjgUEUjBRQg==
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET
H2 200 prebid Show response
ad.as.amanad.adtdp.com/v2/ 68 B
749 B 723ms
318ms XHR
application/json 18.160.96.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.as.amanad.adtdp.com/v2/prebid?asi=htqcsDk7g&skt=5&tid=a08b0efc-a329-43c7-a13e-74bf85be66cb&prebid_id=28c23212ca93d98&prebid_ver=7.29.0&page_url=http%3A%2F%2Fcrescent-star.jugem.jp%2F&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2278b372e7-0fef-425f-960e-cf7a799d731b%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.96.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-96-104.msp50.r.cloudfront.net

Software

Resource Hash

5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Jun 2023 15:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 da395de87b02a99be7cbefc91a6ab514.cloudfront.net (CloudFront)
x-amz-cf-pop: MSP50-P1
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 89
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: GWTtsnatg-_xhik2wBYO_Jfthl7tdQy2j4BIAs9cInYvrGkKzGP7Jg==
expires: Thu, 01 Jan 1970 09:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 1 KB
1 KB 548ms
154ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cef8b01e6f2dcf9e9447a40cad17bfd386a2695859eb124d58c97cbb8a567ae

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-las
date: Fri, 30 Jun 2023 15:11:58 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Seats Booster. unable to get the seat booster engine for organization: 1044
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7df758483cc6d14f-BUF
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
200 B 438ms
77ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.29.0&cb=96664662636&lsavail=1

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://crescent-star.jugem.jp
date: Fri, 30 Jun 2023 15:11:58 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 396 B
926 B 453ms
77ms XHR
application/json 2602:803:c002:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20510&site_id=463978&zone_id=2726874&size_id=15&rp_schain=1.0,1!flux-g.com,1000024,1,,,&eid_pubcid.org=78b372e7-0fef-425f-960e-cf7a799d731b%5E1&rf=http%3A%2F%2Fcrescent-star.jugem.jp%2F&tg_i.page=http%3A%2F%2Fcrescent-star.jugem.jp%2F&tg_i.domain=crescent-star.jugem.jp&tg_i.pbadslot=%2F66065524%2Fjugem_pc_inactive%2Fjugem_pc_inactive_footer_1_left&tk_flint=pbjs_lite_v7.29.0&x_source.tid=f34bb293-085f-458b-9b94-e156dc02d654&l_pb_bid_id=44e6e1aeaf638ad&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F66065524%2Fjugem_pc_inactive%2Fjugem_pc_inactive_footer_1_left&slots=1&rand=0.3289742083471434
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 480fed0d49491b848ae416d3c96607a3c82b09bbc80bf14f9121a9aa2d3a30ae

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:11:58 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 396
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 397 B
747 B 462ms
86ms XHR
application/json 2602:803:c002:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20510&site_id=463978&zone_id=2726872&size_id=15&rp_schain=1.0,1!flux-g.com,1000024,1,,,&eid_pubcid.org=78b372e7-0fef-425f-960e-cf7a799d731b%5E1&rf=http%3A%2F%2Fcrescent-star.jugem.jp%2F&tg_i.page=http%3A%2F%2Fcrescent-star.jugem.jp%2F&tg_i.domain=crescent-star.jugem.jp&tg_i.pbadslot=%2F66065524%2Fjugem_pc_inactive%2Fjugem_pc_inactive_footer_1_right&tk_flint=pbjs_lite_v7.29.0&x_source.tid=2c8d7855-608d-4174-bc0c-218ff962a567&l_pb_bid_id=4589cd1da6091fd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F66065524%2Fjugem_pc_inactive%2Fjugem_pc_inactive_footer_1_right&slots=1&rand=0.3679902097297969
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e190b21421e65a542b6a68d96c3254ce3064fcfe078d165321611ebf2c4aeaa6

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:11:58 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 397
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 394 B
745 B 476ms
102ms XHR
application/json 2602:803:c002:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20510&site_id=463978&zone_id=2726878&size_id=15&rp_schain=1.0,1!flux-g.com,1000024,1,,,&eid_pubcid.org=78b372e7-0fef-425f-960e-cf7a799d731b%5E1&rf=http%3A%2F%2Fcrescent-star.jugem.jp%2F&tg_i.page=http%3A%2F%2Fcrescent-star.jugem.jp%2F&tg_i.domain=crescent-star.jugem.jp&tg_i.pbadslot=%2F66065524%2Fjugem_pc_inactive%2Fjugem_pc_inactive_header_left&tk_flint=pbjs_lite_v7.29.0&x_source.tid=205dc95b-6d4a-430c-8941-56ffdd33e9db&l_pb_bid_id=4602dc02dbe10cc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F66065524%2Fjugem_pc_inactive%2Fjugem_pc_inactive_header_left&slots=1&rand=0.6775693481142058
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fa55e2e766c0266f340fc86f346da190d8d073a6857ed65ca3967f7c2ff9aab2

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:11:58 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 394
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 458ms
84ms XHR
application/json 2602:803:c002:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20510&site_id=463978&zone_id=2726876&size_id=15&rp_schain=1.0,1!flux-g.com,1000024,1,,,&eid_pubcid.org=78b372e7-0fef-425f-960e-cf7a799d731b%5E1&rf=http%3A%2F%2Fcrescent-star.jugem.jp%2F&tg_i.page=http%3A%2F%2Fcrescent-star.jugem.jp%2F&tg_i.domain=crescent-star.jugem.jp&tg_i.pbadslot=%2F66065524%2Fjugem_pc_inactive%2Fjugem_pc_inactive_header_right&tk_flint=pbjs_lite_v7.29.0&x_source.tid=d92c229d-536e-4282-a27d-c7f639e7ddaa&l_pb_bid_id=47a77b6e58d4695&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F66065524%2Fjugem_pc_inactive%2Fjugem_pc_inactive_header_right&slots=1&rand=0.797398715926871
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3323b0eb9d4fbf36a032d5f37291c58077f9feceb7dffb7fb5c4a681cc8fd5b2

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:11:58 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 396 B
747 B 460ms
87ms XHR
application/json 2602:803:c002:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20510&site_id=463978&zone_id=2726882&size_id=15&rp_schain=1.0,1!flux-g.com,1000024,1,,,&eid_pubcid.org=78b372e7-0fef-425f-960e-cf7a799d731b%5E1&rf=http%3A%2F%2Fcrescent-star.jugem.jp%2F&tg_i.page=http%3A%2F%2Fcrescent-star.jugem.jp%2F&tg_i.domain=crescent-star.jugem.jp&tg_i.pbadslot=%2F66065524%2Fjugem_pc_inactive%2Fjugem_pc_inactive_footer_2_left&tk_flint=pbjs_lite_v7.29.0&x_source.tid=f841e35e-661f-4c18-ab18-d8ebebf54a1d&l_pb_bid_id=4837ce3f24d202b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F66065524%2Fjugem_pc_inactive%2Fjugem_pc_inactive_footer_2_left&slots=1&rand=0.3708403407220673
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: da49c88bc42d8085f685f8c1e23a901d444697250efe38c9359e40ed2a746781

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:11:58 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 396
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 397 B
747 B 457ms
85ms XHR
application/json 2602:803:c002:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20510&site_id=463978&zone_id=2726880&size_id=15&rp_schain=1.0,1!flux-g.com,1000024,1,,,&eid_pubcid.org=78b372e7-0fef-425f-960e-cf7a799d731b%5E1&rf=http%3A%2F%2Fcrescent-star.jugem.jp%2F&tg_i.page=http%3A%2F%2Fcrescent-star.jugem.jp%2F&tg_i.domain=crescent-star.jugem.jp&tg_i.pbadslot=%2F66065524%2Fjugem_pc_inactive%2Fjugem_pc_inactive_footer_2_right&tk_flint=pbjs_lite_v7.29.0&x_source.tid=a08b0efc-a329-43c7-a13e-74bf85be66cb&l_pb_bid_id=49602ae1e13ff19&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F66065524%2Fjugem_pc_inactive%2Fjugem_pc_inactive_footer_2_right&slots=1&rand=0.32501944991422915
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d5ae9296b66023df71d2b945a770ff110e9ca1a6bc8fe181584c40a8ecdb3185

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:11:58 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 397
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1

200
OK

h_bid Show response
y.one.impact-ad.jp/ul_cb/
Redirect Chain

https://y.one.impact-ad.jp/h_bid?v=hb1&p=127832&cb=23839154134&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=5146b64181dd702&tid=f34bb293-085f-458b-9b94-e156dc02d654&uc=div-gpt-ad-1621996524994-0&tm...
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127832&cb=23839154134&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=5146b64181dd702&tid=f34bb293-085f-458b-9b94-e156dc02d654&uc=div-gpt-ad-162199652499...

133 B
1 KB

276ms
273ms

XHR
application/json

35.213.109.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127832&cb=23839154134&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=5146b64181dd702&tid=f34bb293-085f-458b-9b94-e156dc02d654&uc=div-gpt-ad-1621996524994-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: HTTP/1.1
Server: 35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 249.109.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: fa83349cf3a8d278f74dcdf4d6fa451596747b7d28e9abefa6a4f700f4e5023c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:11:59 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://crescent-star.jugem.jp
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 128

Redirect headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
Server: nginx
Access-Control-Allow-Origin: http://crescent-star.jugem.jp
Location: https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127832&cb=23839154134&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=5146b64181dd702&tid=f34bb293-085f-458b-9b94-e156dc02d654&uc=div-gpt-ad-1621996524994-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

h_bid Show response
y.one.impact-ad.jp/ul_cb/
Redirect Chain

https://y.one.impact-ad.jp/h_bid?v=hb1&p=127831&cb=93680626240&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=52f234f0a5e1746&tid=2c8d7855-608d-4174-bc0c-218ff962a567&uc=div-gpt-ad-1621996441547-0&tm...
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127831&cb=93680626240&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=52f234f0a5e1746&tid=2c8d7855-608d-4174-bc0c-218ff962a567&uc=div-gpt-ad-162199644154...

133 B
1008 B

250ms
248ms

XHR
application/json

35.213.109.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127831&cb=93680626240&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=52f234f0a5e1746&tid=2c8d7855-608d-4174-bc0c-218ff962a567&uc=div-gpt-ad-1621996441547-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: HTTP/1.1
Server: 35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 249.109.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 24b1a39a7bc0cefbf98bdc5c0fc20ac271f076eee072a53492b0262efba18fb2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:11:59 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://crescent-star.jugem.jp
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 128

Redirect headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
Server: nginx
Access-Control-Allow-Origin: http://crescent-star.jugem.jp
Location: https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127831&cb=93680626240&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=52f234f0a5e1746&tid=2c8d7855-608d-4174-bc0c-218ff962a567&uc=div-gpt-ad-1621996441547-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

h_bid Show response
y.one.impact-ad.jp/ul_cb/
Redirect Chain

https://y.one.impact-ad.jp/h_bid?v=hb1&p=127834&cb=49458094512&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=533bf7211eeb948&tid=205dc95b-6d4a-430c-8941-56ffdd33e9db&uc=div-gpt-ad-1621996650583-0&tm...
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127834&cb=49458094512&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=533bf7211eeb948&tid=205dc95b-6d4a-430c-8941-56ffdd33e9db&uc=div-gpt-ad-162199665058...

133 B
1008 B

305ms
302ms

XHR
application/json

35.213.109.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127834&cb=49458094512&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=533bf7211eeb948&tid=205dc95b-6d4a-430c-8941-56ffdd33e9db&uc=div-gpt-ad-1621996650583-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: HTTP/1.1
Server: 35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 249.109.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4286950cc711774cca06e8c6476643fc458f670082a370fa914a22a4b4e01128

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:11:59 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://crescent-star.jugem.jp
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 128

Redirect headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
Server: nginx
Access-Control-Allow-Origin: http://crescent-star.jugem.jp
Location: https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127834&cb=49458094512&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=533bf7211eeb948&tid=205dc95b-6d4a-430c-8941-56ffdd33e9db&uc=div-gpt-ad-1621996650583-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

h_bid Show response
y.one.impact-ad.jp/ul_cb/
Redirect Chain

https://y.one.impact-ad.jp/h_bid?v=hb1&p=127833&cb=39080845809&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=54ce50f40f2682b&tid=d92c229d-536e-4282-a27d-c7f639e7ddaa&uc=div-gpt-ad-1621996615851-0&tm...
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127833&cb=39080845809&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=54ce50f40f2682b&tid=d92c229d-536e-4282-a27d-c7f639e7ddaa&uc=div-gpt-ad-162199661585...

133 B
1007 B

331ms
328ms

XHR
application/json

35.213.109.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127833&cb=39080845809&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=54ce50f40f2682b&tid=d92c229d-536e-4282-a27d-c7f639e7ddaa&uc=div-gpt-ad-1621996615851-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: HTTP/1.1
Server: 35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 249.109.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: dcba511aea1b5b912afdc9446df5d4aef131a3b8fac66ae9ce2e2a1be934ff38

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:11:59 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://crescent-star.jugem.jp
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 127

Redirect headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
Server: nginx
Access-Control-Allow-Origin: http://crescent-star.jugem.jp
Location: https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127833&cb=39080845809&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=54ce50f40f2682b&tid=d92c229d-536e-4282-a27d-c7f639e7ddaa&uc=div-gpt-ad-1621996615851-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

h_bid Show response
y.one.impact-ad.jp/ul_cb/
Redirect Chain

https://y.one.impact-ad.jp/h_bid?v=hb1&p=127836&cb=91932236485&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=55f25ac60ffad3f&tid=f841e35e-661f-4c18-ab18-d8ebebf54a1d&uc=div-gpt-ad-1621996811310-0&tm...
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127836&cb=91932236485&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=55f25ac60ffad3f&tid=f841e35e-661f-4c18-ab18-d8ebebf54a1d&uc=div-gpt-ad-162199681131...

133 B
1007 B

251ms
248ms

XHR
application/json

35.213.109.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127836&cb=91932236485&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=55f25ac60ffad3f&tid=f841e35e-661f-4c18-ab18-d8ebebf54a1d&uc=div-gpt-ad-1621996811310-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: HTTP/1.1
Server: 35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 249.109.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d45e3373cd667f5c8106f7620b283775dccaa151e58e003e047a3fb5b9180f58

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:11:59 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://crescent-star.jugem.jp
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 127

Redirect headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
Server: nginx
Access-Control-Allow-Origin: http://crescent-star.jugem.jp
Location: https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127836&cb=91932236485&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=55f25ac60ffad3f&tid=f841e35e-661f-4c18-ab18-d8ebebf54a1d&uc=div-gpt-ad-1621996811310-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

h_bid Show response
y.one.impact-ad.jp/ul_cb/
Redirect Chain

https://y.one.impact-ad.jp/h_bid?v=hb1&p=127835&cb=68107594598&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=56397bd20ae3fc6&tid=a08b0efc-a329-43c7-a13e-74bf85be66cb&uc=div-gpt-ad-1621996765744-0&tm...
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127835&cb=68107594598&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=56397bd20ae3fc6&tid=a08b0efc-a329-43c7-a13e-74bf85be66cb&uc=div-gpt-ad-162199676574...

133 B
1008 B

252ms
249ms

XHR
application/json

35.213.109.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127835&cb=68107594598&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=56397bd20ae3fc6&tid=a08b0efc-a329-43c7-a13e-74bf85be66cb&uc=div-gpt-ad-1621996765744-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: HTTP/1.1
Server: 35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 249.109.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6f67a6c65335b24e4cefa4f5466110d56890e8c086616c41301af882d609582b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:11:59 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://crescent-star.jugem.jp
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 128

Redirect headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
Server: nginx
Access-Control-Allow-Origin: http://crescent-star.jugem.jp
Location: https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=127835&cb=68107594598&r=http%3A%2F%2Fcrescent-star.jugem.jp%2F&uid=56397bd20ae3fc6&tid=a08b0efc-a329-43c7-a13e-74bf85be66cb&uc=div-gpt-ad-1621996765744-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
627 B 394ms
44ms XHR
application/json 34.225.41.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.29.0&referrer=http%3A%2F%2Fcrescent-star.jugem.jp%2F&tmax=2000

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.41.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-225-41-163.compute-1.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:11:58 GMT
accept-ch: sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness
x-auction-status: 12, 12, 12, 12, 12, 12
content-type: application/json; charset=utf-8
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
551 B 369ms
60ms XHR
application/json 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=691306
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ad364d4a92207e286fdedef87c4ebcf87e2f1053528f89ca48206a49e259afb

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:11:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FlJS0f4BWFGtLXS5zCylcdFWfIn6IjK8J02eDCpEVvViHR4NuWKyV45CjuTt2b4pSApnuc0OYRhvDoXFHhG7Onzz9xoCvelWXgNLZBMv1PTKdlj6bdbY9VEoZAqEeHIT0sMQN%2B7"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7df758481f5738e1-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
317 B 371ms
64ms XHR
application/json 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=691306
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ad364d4a92207e286fdedef87c4ebcf87e2f1053528f89ca48206a49e259afb

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:11:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2B%2FMs2B8GxzRpuRtsTQ27M9cnzZPwjq20%2BQ9XaqohY%2Fph7f3qDhQXQeSAusBMUy1VNcxPhQ%2FAMLRBLxi%2BaVvX6R8gqUaF4D7As4XlfIw8Kg9xTPpOcRP0OiIOJHGyWtQ%2Fq5zlJkI"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7df758481f5838e1-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

GET
H/1.1 200
OK v1 Show response
d.socdm.com/adsv/ 1 KB
2 KB 959ms
569ms XHR
application/json 202.241.208.100
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.socdm.com/adsv/v1?posall=SSPLOC&id=135635&sdktype=0&hb=true&t=json3&transactionid=f34bb293-085f-458b-9b94-e156dc02d654&sizes=300x250&currency=JPY&pbver=7.29.0&sdkname=prebidjs&adapterver=1.4.0&imark=1&tp=http%3A%2F%2Fcrescent-star.jugem.jp%2F
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.100 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: b4ca25f992ebe8d663684ec5884478312907d2f9b5c10c1c850f722757667488

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 30 Jun 2023 15:11:59 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/adsv\/v1?posall=SSPLOC&id=135635&sdktype=0&hb=true&t=json3&transactionid=f34bb293-085f-458b-9b94-e156dc02d654&sizes=300x250&currency=JPY&pbver=7.29.0&sdkname=prebidjs&adapterver=1.4.0&imark=1&tp=http%3A%2F%2Fcrescent-star.jugem.jp%2F","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.40","key":"ZJ7wvsCo5tAAAO2JaHUAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad114"}
X-SO-Key: ZJ7wvsCo5tAAAO2JaHUAAAAA
X-SO-Upstream-ID: m-ad114
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad114.dc4p.scaleout.jp
Connection: keep-alive
Content-Length: 1096
X-SO-IP: 96.9.249.40
X-SO-Cluster-ID: 0
Server: nginx
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://crescent-star.jugem.jp
Cache-Control: private
Access-Control-Allow-Credentials: true
X-SO-Ads-Time: 367
X-SO-LB-Hostname: a-tgng40012.dc2p.scaleout.jp

GET
H/1.1 200
OK v1 Show response
d.socdm.com/adsv/ 1 KB
2 KB 615ms
225ms XHR
application/json 202.241.208.100
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.socdm.com/adsv/v1?posall=SSPLOC&id=135634&sdktype=0&hb=true&t=json3&transactionid=2c8d7855-608d-4174-bc0c-218ff962a567&sizes=300x250&currency=JPY&pbver=7.29.0&sdkname=prebidjs&adapterver=1.4.0&imark=1&tp=http%3A%2F%2Fcrescent-star.jugem.jp%2F
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.100 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: de26e1aa9d0eb01758fc47226ac99a9dbf123f53e1b579f959854c9611e10fc3

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/adsv\/v1?posall=SSPLOC&id=135634&sdktype=0&hb=true&t=json3&transactionid=2c8d7855-608d-4174-bc0c-218ff962a567&sizes=300x250&currency=JPY&pbver=7.29.0&sdkname=prebidjs&adapterver=1.4.0&imark=1&tp=http%3A%2F%2Fcrescent-star.jugem.jp%2F","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.40","key":"ZJ7wvsCo5swAAHd26VIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40066"}
X-SO-Key: ZJ7wvsCo5swAAHd26VIAAAAA
X-SO-Upstream-ID: a-ad40066
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: a-ad40066.dc2p.scaleout.jp
Connection: keep-alive
Content-Length: 1102
X-SO-IP: 96.9.249.40
X-SO-Cluster-ID: 0
Server: nginx
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://crescent-star.jugem.jp
Cache-Control: private
Access-Control-Allow-Credentials: true
X-SO-Ads-Time: 43
X-SO-LB-Hostname: a-tgng40008.dc2p.scaleout.jp

GET
H/1.1 200
OK v1 Show response
d.socdm.com/adsv/ 1 KB
2 KB 603ms
213ms XHR
application/json 202.241.208.100
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.socdm.com/adsv/v1?posall=SSPLOC&id=135637&sdktype=0&hb=true&t=json3&transactionid=205dc95b-6d4a-430c-8941-56ffdd33e9db&sizes=300x250&currency=JPY&pbver=7.29.0&sdkname=prebidjs&adapterver=1.4.0&imark=1&tp=http%3A%2F%2Fcrescent-star.jugem.jp%2F
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.100 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: f6ee2e08f2a603226c71cbccf99e2e88fc8af9643092ba1d44251eb5ca2dedf5

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/adsv\/v1?posall=SSPLOC&id=135637&sdktype=0&hb=true&t=json3&transactionid=205dc95b-6d4a-430c-8941-56ffdd33e9db&sizes=300x250&currency=JPY&pbver=7.29.0&sdkname=prebidjs&adapterver=1.4.0&imark=1&tp=http%3A%2F%2Fcrescent-star.jugem.jp%2F","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.40","key":"ZJ7wvsCo5ucAAOyqiI4AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad408"}
X-SO-Key: ZJ7wvsCo5ucAAOyqiI4AAAAA
X-SO-Upstream-ID: m-ad408
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad408.dc4p.scaleout.jp
Connection: keep-alive
Content-Length: 1096
X-SO-IP: 96.9.249.40
X-SO-Cluster-ID: 0
Server: nginx
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://crescent-star.jugem.jp
Cache-Control: private
Access-Control-Allow-Credentials: true
X-SO-Ads-Time: 32
X-SO-LB-Hostname: a-tgng40016.dc2p.scaleout.jp

GET
H/1.1 200
OK v1 Show response
d.socdm.com/adsv/ 1 KB
2 KB 708ms
319ms XHR
application/json 202.241.208.100
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.socdm.com/adsv/v1?posall=SSPLOC&id=135636&sdktype=0&hb=true&t=json3&transactionid=d92c229d-536e-4282-a27d-c7f639e7ddaa&sizes=300x250&currency=JPY&pbver=7.29.0&sdkname=prebidjs&adapterver=1.4.0&imark=1&tp=http%3A%2F%2Fcrescent-star.jugem.jp%2F
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.100 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: b8764a733287aa55af9cd28dfaed66d9259c371c3eb6af9b6aa9375d01411940

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 30 Jun 2023 15:11:59 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/adsv\/v1?posall=SSPLOC&id=135636&sdktype=0&hb=true&t=json3&transactionid=d92c229d-536e-4282-a27d-c7f639e7ddaa&sizes=300x250&currency=JPY&pbver=7.29.0&sdkname=prebidjs&adapterver=1.4.0&imark=1&tp=http%3A%2F%2Fcrescent-star.jugem.jp%2F","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.40","key":"ZJ7wvsCo5uYAAJoatdoAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad1006"}
X-SO-Key: ZJ7wvsCo5uYAAJoatdoAAAAA
X-SO-Upstream-ID: m-ad1006
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad1006.dc4p.scaleout.jp
Connection: keep-alive
Content-Length: 1099
X-SO-IP: 96.9.249.40
X-SO-Cluster-ID: 0
Server: nginx
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://crescent-star.jugem.jp
Cache-Control: private
Access-Control-Allow-Credentials: true
X-SO-Ads-Time: 138
X-SO-LB-Hostname: a-tgng40015.dc2p.scaleout.jp

GET
H/1.1 200
OK v1 Show response
d.socdm.com/adsv/ 1 KB
2 KB 602ms
212ms XHR
application/json 202.241.208.100
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.socdm.com/adsv/v1?posall=SSPLOC&id=135639&sdktype=0&hb=true&t=json3&transactionid=f841e35e-661f-4c18-ab18-d8ebebf54a1d&sizes=300x250&currency=JPY&pbver=7.29.0&sdkname=prebidjs&adapterver=1.4.0&imark=1&tp=http%3A%2F%2Fcrescent-star.jugem.jp%2F
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.100 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 0de301d1466e7cc63db79b1e7da44aff35b8cf37cd18a8d19b74ce83ddc496b9

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/adsv\/v1?posall=SSPLOC&id=135639&sdktype=0&hb=true&t=json3&transactionid=f841e35e-661f-4c18-ab18-d8ebebf54a1d&sizes=300x250&currency=JPY&pbver=7.29.0&sdkname=prebidjs&adapterver=1.4.0&imark=1&tp=http%3A%2F%2Fcrescent-star.jugem.jp%2F","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.40","key":"ZJ7wvsCo5ssAAHHQpKoAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad438"}
X-SO-Key: ZJ7wvsCo5ssAAHHQpKoAAAAA
X-SO-Upstream-ID: m-ad438
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad438.dc4p.scaleout.jp
Connection: keep-alive
Content-Length: 1096
X-SO-IP: 96.9.249.40
X-SO-Cluster-ID: 0
Server: nginx
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://crescent-star.jugem.jp
Cache-Control: private
Access-Control-Allow-Credentials: true
X-SO-Ads-Time: 31
X-SO-LB-Hostname: a-tgng40007.dc2p.scaleout.jp

GET
H/1.1 200
OK v1 Show response
d.socdm.com/adsv/ 1 KB
2 KB 606ms
217ms XHR
application/json 202.241.208.100
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.socdm.com/adsv/v1?posall=SSPLOC&id=135638&sdktype=0&hb=true&t=json3&transactionid=a08b0efc-a329-43c7-a13e-74bf85be66cb&sizes=300x250&currency=JPY&pbver=7.29.0&sdkname=prebidjs&adapterver=1.4.0&imark=1&tp=http%3A%2F%2Fcrescent-star.jugem.jp%2F
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.100 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: e56b9c02c24b9f840ef5520a4dc9684582767cb3f75d45d66d39488d8865d65c

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/adsv\/v1?posall=SSPLOC&id=135638&sdktype=0&hb=true&t=json3&transactionid=a08b0efc-a329-43c7-a13e-74bf85be66cb&sizes=300x250&currency=JPY&pbver=7.29.0&sdkname=prebidjs&adapterver=1.4.0&imark=1&tp=http%3A%2F%2Fcrescent-star.jugem.jp%2F","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.40","key":"ZJ7wvsCo5tIAAIlkj7IAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad1030"}
X-SO-Key: ZJ7wvsCo5tIAAIlkj7IAAAAA
X-SO-Upstream-ID: m-ad1030
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad1030.dc4p.scaleout.jp
Connection: keep-alive
Content-Length: 1099
X-SO-IP: 96.9.249.40
X-SO-Cluster-ID: 0
Server: nginx
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://crescent-star.jugem.jp
Cache-Control: private
Access-Control-Allow-Credentials: true
X-SO-Ads-Time: 32
X-SO-LB-Hostname: a-tgng40014.dc2p.scaleout.jp

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
184 B 804ms
272ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://crescent-star.jugem.jp
date: Fri, 30 Jun 2023 15:11:59 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
827 B 341ms
38ms XHR
application/json 68.67.179.113
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.113 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:11:58 GMT
AN-X-Request-Uuid: 08f3a6c7-b99d-43cb-9ae2-fe27fd3aaa10
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://crescent-star.jugem.jp
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 96.9.249.40; 96.9.249.40; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
350 B 287ms
45ms XHR
text/plain 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-26106898-2&cid=1672754536.1688137918&jid=684035002&gjid=1462869152&_gid=1443944505.1688137918&_u=YGBACAAABAAAAC~&z=1391715161

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 30 Jun 2023 15:11:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 Collect Show response
a.flux.jp/analytics.collect.v1.CollectService/ 2 B
263 B 713ms
713ms XHR
application/json 34.160.89.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.89.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.89.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Jun 2023 15:11:59 GMT
content-encoding: gzip
via: 1.1 google
accept-encoding: gzip
server: Google Frontend
traceparent: 00-8fcd3eb68b8c5285d79d1813bde3ef59-e51aefb0b58d5622-00
vary: Origin
content-type: application/json
access-control-allow-origin: http://crescent-star.jugem.jp
access-control-expose-headers: Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context: 8fcd3eb68b8c5285d79d1813bde3ef59/16508770926319195682
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26

GET
H3 200 sdk.js Show response
connect.facebook.net/ja_JP/ 302 KB
86 KB 63ms
30ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js?hash=dc5e3e395e7b3395e7fee8133cdccd76

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/ja_JP/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9a8049071870d7f1568c4a93ded757a4c90cf45669d03ca2720ca90f872fbe7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://crescent-star.jugem.jp/
Origin: http://crescent-star.jugem.jp
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 15:11:58 GMT
content-md5: nVa3u2SukaOGfrSk/IN14w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87483
x-fb-debug: BErbqbewFdGHinxpsfA9Q8JAefwM3CL23M9Uo1cYHbbC+Qt5toly721fdfUAf+BNOu+xEhMf2dBkd+otID/bHA==
x-fb-content-md5: 47df0ef19265b012c36f0e94e71bfea1
cross-origin-opener-policy: same-origin-allow-popups
etag: "2328439955099ed61ef7324fef54aab1"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 29 Jun 2024 14:58:29 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
23 KB 455ms
385ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
Content-Encoding: br
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 12:52:54 GMT
Server: cloudflare
ETag: W/"845b176368f98c92daf7aa531dcbc491"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFG9xqMSZV52spQjLsysIgtaKnVKLZx4xkOlECzi3HE%2Bs1Rtjb7Ev4kEuQyP38GD5G3n4Ji54UezqB%2Bfss1K8Uv%2Fb2gBm6QnRPdid%2BQXirWIzzow5l1IhN0APZ9WTKZ1dtoPLfMkK%2BGgRJXq"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7df758475de34340-EWR

GET
H2 200 51HXM9NbVGL._SL75_.jpg
m.media-amazon.com/images/I/ 2 KB
2 KB 207ms
43ms Image
image/jpeg 2a04:4e42:600::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51HXM9NbVGL._SL75_.jpg
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f1ab12e73c6fa61affcedc157eac50eb781da8576aeb5f7509bcc5cfaa2cfc81

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Wed, 10 Jun 2043 06:52:44 GMT
date: Fri, 30 Jun 2023 15:11:58 GMT
last-modified: Tue, 17 Oct 2017 06:49:58 GMT
age: 1325954
x-cache: HIT from fastly, MISS from fastly
x-nginx-cache-status: MISS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=630720000,public
x-amz-ir-id: 927742aa-2658-4a73-88c2-5222873a3927
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 2331
x-served-by: cache-iad-kjyo7100107-IAD, cache-nyc-kteb1890025-NYC

GET
H2 200 517InMZ1KfL._SL75_.jpg
m.media-amazon.com/images/I/ 2 KB
2 KB 204ms
41ms Image
image/jpeg 2a04:4e42:600::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/517InMZ1KfL._SL75_.jpg
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 24f177aba2de297cee5f43384e602f9c17b8d9ddb942c188f774ea00029e4a7e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Thu, 25 Jun 2043 02:18:20 GMT
date: Fri, 30 Jun 2023 15:11:58 GMT
last-modified: Tue, 06 Mar 2018 06:52:03 GMT
age: 46419
x-cache: HIT from fastly, MISS from fastly
x-nginx-cache-status: MISS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=630720000,public
x-amz-ir-id: 7ea796a1-0b73-40d6-801c-dea61bb37265
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 2100
x-served-by: cache-iad-kjyo7100146-IAD, cache-nyc-kteb1890025-NYC

GET
H2 200 4185rSkhUFL._SL75_.jpg
m.media-amazon.com/images/I/ 2 KB
2 KB 208ms
45ms Image
image/jpeg 2a04:4e42:600::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/4185rSkhUFL._SL75_.jpg
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9c9916930ee6fe035b06b5ba657247833146bf0d5eefdf625aea95f0c53fe44a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Mon, 08 Jun 2043 01:43:24 GMT
date: Fri, 30 Jun 2023 15:11:58 GMT
last-modified: Thu, 26 Jul 2012 23:45:18 GMT
age: 1414452
x-cache: HIT from fastly, MISS from fastly
x-nginx-cache-status: HIT
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=630720000,public
x-amz-ir-id: e2da58db-1fe6-4475-835c-c243201d6621
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 1680
x-served-by: cache-iad-kcgs7200159-IAD, cache-nyc-kteb1890025-NYC

GET
H2 200 51H1W3+J2zL._SL75_.jpg
m.media-amazon.com/images/I/ 2 KB
2 KB 209ms
46ms Image
image/jpeg 2a04:4e42:600::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51H1W3+J2zL._SL75_.jpg
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c7e84ab4971ca461ed68d90f939ac8154ce7eef889f72a8235bde07d504c2c5

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Thu, 25 Jun 2043 02:17:07 GMT
date: Fri, 30 Jun 2023 15:11:58 GMT
last-modified: Thu, 28 Mar 2019 19:03:35 GMT
age: 46491
x-cache: HIT from fastly, MISS from fastly
x-nginx-cache-status: MISS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=630720000,public
x-amz-ir-id: 180850bb-0bf2-48e7-bd09-6792b29d716a
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 2154
x-served-by: cache-iad-kcgs7200079-IAD, cache-nyc-kteb1890025-NYC

GET
H2 200 51T1lKMJWXL._SL75_.jpg
m.media-amazon.com/images/I/ 2 KB
2 KB 215ms
52ms Image
image/jpeg 2a04:4e42:600::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51T1lKMJWXL._SL75_.jpg
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: be877b61f5c44a660b1aa2830a02d2ba80ea4ed494d37820e46ee88bef9a7dd9

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Thu, 25 Jun 2043 02:17:08 GMT
date: Fri, 30 Jun 2023 15:11:58 GMT
last-modified: Mon, 14 Nov 2016 07:33:18 GMT
age: 46491
x-cache: HIT from fastly, MISS from fastly
x-nginx-cache-status: MISS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=630720000,public
x-amz-ir-id: 038881a7-7e02-4ae9-a847-699c0246fd61
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 1932
x-served-by: cache-iad-kcgs7200078-IAD, cache-nyc-kteb1890025-NYC

GET
H2 200 51HRXN32TXL._SL75_.jpg
m.media-amazon.com/images/I/ 2 KB
2 KB 206ms
43ms Image
image/jpeg 2a04:4e42:600::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51HRXN32TXL._SL75_.jpg
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 43adb5676b2c43134634be0dfd9c3ca3007b81ed4499a3ce1df2839d3effe54e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Thu, 25 Jun 2043 02:17:07 GMT
date: Fri, 30 Jun 2023 15:11:58 GMT
last-modified: Mon, 19 Nov 2007 08:46:46 GMT
age: 46491
x-cache: HIT from fastly, MISS from fastly
x-nginx-cache-status: MISS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=630720000,public
x-amz-ir-id: 270c49b0-3450-4657-beb9-268dba6c8971
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 1938
x-served-by: cache-iad-kcgs7200088-IAD, cache-nyc-kteb1890025-NYC

GET
H2 200 51G0pc0a1tL._SL75_.jpg
m.media-amazon.com/images/I/ 2 KB
2 KB 46ms
44ms Image
image/jpeg 2a04:4e42:600::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51G0pc0a1tL._SL75_.jpg
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cccb6a10e5e6e3d527e3976df7fa398acda77aa00d91f74b02039fe57b49dffc

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Thu, 25 Jun 2043 02:17:09 GMT
date: Fri, 30 Jun 2023 15:11:58 GMT
last-modified: Mon, 06 Oct 2014 02:47:32 GMT
age: 46490
x-cache: HIT from fastly, MISS from fastly
x-nginx-cache-status: MISS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=630720000,public
x-amz-ir-id: 65155e0e-b4b6-4fdb-b256-53c928531367
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 2040
x-served-by: cache-iad-kjyo7100082-IAD, cache-nyc-kteb1890025-NYC

GET
H2 200 51F76HMVEWL._SL75_.jpg
m.media-amazon.com/images/I/ 2 KB
2 KB 48ms
46ms Image
image/jpeg 2a04:4e42:600::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51F76HMVEWL._SL75_.jpg
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ee95bfb870051ce531d49f83a7738187f075a7a036e2ca7c68e397bdc348f8db

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Thu, 25 Jun 2043 02:17:09 GMT
date: Fri, 30 Jun 2023 15:11:58 GMT
last-modified: Sun, 18 Nov 2007 06:50:39 GMT
age: 46490
x-cache: HIT from fastly, MISS from fastly
x-nginx-cache-status: MISS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=630720000,public
x-amz-ir-id: a2652ff7-37d2-45ef-bae2-3a217d3460de
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 2386
x-served-by: cache-iad-kcgs7200144-IAD, cache-nyc-kteb1890025-NYC

GET
H2 200 51NTxk-ncsL._SL75_.jpg
m.media-amazon.com/images/I/ 3 KB
3 KB 49ms
47ms Image
image/jpeg 2a04:4e42:600::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51NTxk-ncsL._SL75_.jpg
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4b66323f681852911078decd0438ab581e4587c9f9899ad4aef04ff04318fab0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 14 Jun 2043 17:22:22 GMT
date: Fri, 30 Jun 2023 15:11:58 GMT
last-modified: Fri, 09 Sep 2011 15:29:18 GMT
age: 942577
x-cache: HIT from fastly, MISS from fastly
x-nginx-cache-status: MISS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=630720000,public
x-amz-ir-id: 858bafd6-8458-49ab-9a89-c7ae8149044d
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 2566
x-served-by: cache-iad-kcgs7200166-IAD, cache-nyc-kteb1890025-NYC

GET
H2 200 619DWZNROrL._SL75_.jpg
m.media-amazon.com/images/I/ 3 KB
3 KB 78ms
76ms Image
image/jpeg 2a04:4e42:600::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/619DWZNROrL._SL75_.jpg
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b5fa1f902a3c85d0516cd9084b3e015575f71cfad8ebfeeefd307ccc382602ef

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Thu, 25 Jun 2043 02:17:10 GMT
date: Fri, 30 Jun 2023 15:11:58 GMT
last-modified: Wed, 16 Nov 2011 09:32:17 GMT
age: 46489
x-cache: HIT from fastly, MISS from fastly
x-nginx-cache-status: MISS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=630720000,public
x-amz-ir-id: 6f7ec54f-ace4-44cd-953c-769c5396a25b
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 2723
x-served-by: cache-iad-kcgs7200050-IAD, cache-nyc-kteb1890025-NYC

GET
H2 200 51VLr81CB6L._SL75_.jpg
m.media-amazon.com/images/I/ 2 KB
2 KB 82ms
81ms Image
image/jpeg 2a04:4e42:600::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51VLr81CB6L._SL75_.jpg
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 141d964da28625248496b29546e04c292413ee6af591514bd790eab8c028aa59

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Wed, 24 Jun 2043 01:05:00 GMT
date: Fri, 30 Jun 2023 15:11:58 GMT
last-modified: Thu, 19 Nov 2020 05:15:19 GMT
age: 137218
x-cache: HIT from fastly, MISS from fastly
x-nginx-cache-status: MISS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=630720000,public
x-amz-ir-id: bcf372e8-61bb-4703-9dcf-9ccaa2fbfac4
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 2388
x-served-by: cache-iad-kcgs7200083-IAD, cache-nyc-kteb1890025-NYC

GET
H2 200 51V0A7M1Q7L._SL75_.jpg
m.media-amazon.com/images/I/ 3 KB
4 KB 80ms
79ms Image
image/jpeg 2a04:4e42:600::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51V0A7M1Q7L._SL75_.jpg
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 853294b1b869fe564d2cd5495489ca53d3ac931c0c1e3937534ed4969f75ca9e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Thu, 25 Jun 2043 02:21:22 GMT
date: Fri, 30 Jun 2023 15:11:58 GMT
last-modified: Thu, 16 Nov 2006 13:29:47 GMT
age: 46195
x-cache: HIT from fastly, MISS from fastly
x-nginx-cache-status: HIT
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=630720000,public
x-amz-ir-id: 9de1ac3c-35f1-4785-86ea-a217873da0d6
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 3566
x-served-by: cache-iad-kiad7000020-IAD, cache-nyc-kteb1890025-NYC

GET
H2 200 510SS-B8g4L._SL75_.jpg
m.media-amazon.com/images/I/ 3 KB
3 KB 81ms
80ms Image
image/jpeg 2a04:4e42:600::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/510SS-B8g4L._SL75_.jpg
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6911a0e7e31a8848c28c75fc5e60ed42a874f4bdeb29712fd43242d25f05ba10

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Tue, 16 Jun 2043 15:26:39 GMT
date: Fri, 30 Jun 2023 15:11:58 GMT
last-modified: Thu, 17 Dec 2015 08:46:42 GMT
age: 712505
x-cache: HIT from fastly, MISS from fastly
x-nginx-cache-status: HIT
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=630720000,public
x-amz-ir-id: 4fd76197-c093-4250-983d-d1b6f7eb783c
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 2620
x-served-by: cache-iad-kjyo7100147-IAD, cache-nyc-kteb1890025-NYC

GET
H2 200 51oAFmxYS5L._SL75_.jpg
m.media-amazon.com/images/I/ 2 KB
3 KB 63ms
62ms Image
image/jpeg 2a04:4e42:600::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51oAFmxYS5L._SL75_.jpg
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 27b327ccf3d569225955d18ff44def44b5ea61773f4cffdd13b1ef63483281ca

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Thu, 25 Jun 2043 02:17:14 GMT
date: Fri, 30 Jun 2023 15:11:58 GMT
last-modified: Tue, 24 Oct 2017 08:54:49 GMT
age: 46485
x-cache: HIT from fastly, MISS from fastly
x-nginx-cache-status: MISS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=630720000,public
x-amz-ir-id: e886af17-db27-4996-9b01-3857b3e4d4aa
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 2543
x-served-by: cache-iad-kjyo7100132-IAD, cache-nyc-kteb1890025-NYC

GET
H2 200 61ocLmbBcVL._SL75_.jpg
m.media-amazon.com/images/I/ 3 KB
3 KB 79ms
78ms Image
image/jpeg 2a04:4e42:600::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/61ocLmbBcVL._SL75_.jpg
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2101d57740b81ce03f739e91b17575ea937eb6bdfe8313d31f628b7f573f7e83

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Thu, 25 Jun 2043 02:17:14 GMT
date: Fri, 30 Jun 2023 15:11:58 GMT
last-modified: Thu, 28 Mar 2019 19:03:22 GMT
age: 46485
x-cache: HIT from fastly, MISS from fastly
x-nginx-cache-status: MISS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=630720000,public
x-amz-ir-id: 8c490411-da4f-4c3f-8c85-350902a5111a
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 2934
x-served-by: cache-iad-kcgs7200178-IAD, cache-nyc-kteb1890025-NYC

GET
H2

200

home.gif
widget.booklog.jp/blogparts/images/templates/handwrite/
Redirect Chain

http://widget.booklog.jp/blogparts/images/templates/handwrite/home.gif
https://widget.booklog.jp/blogparts/images/templates/handwrite/home.gif

93 B
418 B

65ms
65ms

Image
image/gif

54.230.202.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.booklog.jp/blogparts/images/templates/handwrite/home.gif
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Server: 54.230.202.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-202-56.msp50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06f3337e32ab9f057cc29ea28c9daa58367afaf90c5d8f344f33cf56de416a03

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:11:58 GMT
via: 1.1 733555dc3e262ab7600bcb4af1e80756.cloudfront.net (CloudFront)
last-modified: Fri, 14 Aug 2020 03:41:52 GMT
server: AmazonS3
x-amz-cf-pop: MSP50-C2
age: 41332
etag: "d67201caf304748284b714dcf3dcc0cc"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 93
x-amz-cf-id: JeuWpO1qaKOmxSpWZFCb20ArPTUPkV1pISTzrrRwnGghkZUjG_3-ug==

Redirect headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
Via: 1.1 b3c0326ca0796e8310cefb28443a7ec0.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: MSP50-C2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://widget.booklog.jp/blogparts/images/templates/handwrite/home.gif
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: 8HxXgBND_i5MA8c_sGBeFZOB7xAX1TfgWfJ_5ZsSLiTKpe6jqGmlcw==

GET
H2

200

logo.gif
widget.booklog.jp/blogparts/images/templates/handwrite/
Redirect Chain

http://widget.booklog.jp/blogparts/images/templates/handwrite/logo.gif
https://widget.booklog.jp/blogparts/images/templates/handwrite/logo.gif

386 B
712 B

95ms
75ms

Image
image/gif

54.230.202.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.booklog.jp/blogparts/images/templates/handwrite/logo.gif
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Server: 54.230.202.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-202-56.msp50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11c7c1d2ec15c0f4bf2befe5a8929a91d56e46a34a5f549307e782c8f02efc9c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:11:58 GMT
via: 1.1 733555dc3e262ab7600bcb4af1e80756.cloudfront.net (CloudFront)
last-modified: Fri, 14 Aug 2020 03:41:51 GMT
server: AmazonS3
x-amz-cf-pop: MSP50-C2
age: 41332
etag: "f9af307b34b8069aa7afffcb85308165"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 386
x-amz-cf-id: OrwsS2qYG_UhEISo5OHMg8aDB_o9nZrmj_PUw-35b6oluM_n_XaQ7w==

Redirect headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
Via: 1.1 b3c0326ca0796e8310cefb28443a7ec0.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: MSP50-C2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://widget.booklog.jp/blogparts/images/templates/handwrite/logo.gif
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: FPT2uabe41Ehpw0Swb1c8fxlhzgav3TeGLdjCZ4ZkTTlUE-dwpjSYg==

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 12B5 320 KB
104 KB 174ms
29ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fcrescent-star.jugem.jp
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D0F) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420380
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:11:58 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D0F)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 9877
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_rbd_ox-db5_smrt_n-Outbrain
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_rbd_ox-db5_smrt_n-Outbrain&dcc=t

308 B
1 KB

79ms
79ms

Document
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_rbd_ox-db5_smrt_n-Outbrain&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

17eedfbd6207c388a4455df3dca137785efc0be264f83985aed475e7e1df1a0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 308
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 30 Jun 2023 15:11:59 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 0PCX6FHQCDB8WVRNNDDV

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 30 Jun 2023 15:11:58 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_rbd_ox-db5_smrt_n-Outbrain&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: KEHK9JXFQTSF51YMAQ43

GET
H2

200

top.gif
widget.booklog.jp/blogparts/images/templates/handwrite/
Redirect Chain

http://widget.booklog.jp/blogparts/images/templates/handwrite/top.gif
https://widget.booklog.jp/blogparts/images/templates/handwrite/top.gif

554 B
878 B

67ms
60ms

Image
image/gif

54.230.202.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.booklog.jp/blogparts/images/templates/handwrite/top.gif
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Server: 54.230.202.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-202-56.msp50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1014b4de8b60f98acb7d53f1bf6c12e61b493de8542a29ee0361c45b94ace70

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:11:58 GMT
via: 1.1 733555dc3e262ab7600bcb4af1e80756.cloudfront.net (CloudFront)
last-modified: Fri, 14 Aug 2020 03:41:51 GMT
server: AmazonS3
x-amz-cf-pop: MSP50-C2
age: 41332
etag: "8d3b1b1ce915dbc1dcfb203dc19eb5a5"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 554
x-amz-cf-id: ft5BEIL2cim7QesGwVpISGWz_Y94vSd9t624PE3hV23hJOgVrYHSaw==

Redirect headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
Via: 1.1 a135dbc42c7847731193b532a27d11ca.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: MSP50-C2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://widget.booklog.jp/blogparts/images/templates/handwrite/top.gif
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: wyE0_2VsUfFEX_uVadmrUOqSBF30zS2VjqG3k5CHZ7XRdTWsBB9Chw==

GET
H2

200

main.gif
widget.booklog.jp/blogparts/images/templates/handwrite/
Redirect Chain

http://widget.booklog.jp/blogparts/images/templates/handwrite/main.gif
https://widget.booklog.jp/blogparts/images/templates/handwrite/main.gif

2 KB
2 KB

96ms
76ms

Image
image/gif

54.230.202.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.booklog.jp/blogparts/images/templates/handwrite/main.gif
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Server: 54.230.202.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-202-56.msp50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63658db51646ac1760810e9bcc9ea7c10a08aa85ee22622004dce984795d80ed

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:11:58 GMT
via: 1.1 733555dc3e262ab7600bcb4af1e80756.cloudfront.net (CloudFront)
last-modified: Fri, 14 Aug 2020 03:41:52 GMT
server: AmazonS3
x-amz-cf-pop: MSP50-C2
age: 58361
etag: "9b3c0afb29d5f0f28a75db4850b91703"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 2001
x-amz-cf-id: qSl2ktitUp3W2TKJXQl7ttSoWF9G-e1EJKp85V1gpZimKuCJbOuYNg==

Redirect headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
Via: 1.1 733555dc3e262ab7600bcb4af1e80756.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: MSP50-C2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://widget.booklog.jp/blogparts/images/templates/handwrite/main.gif
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: Oz1eyqn9G6HBg9SibnbPEoOE6fnQotPGHmggh-DLEX2KpeYYhFl28A==

GET
H2

200

bottom.gif
widget.booklog.jp/blogparts/images/templates/handwrite/
Redirect Chain

http://widget.booklog.jp/blogparts/images/templates/handwrite/bottom.gif
https://widget.booklog.jp/blogparts/images/templates/handwrite/bottom.gif

116 B
442 B

142ms
135ms

Image
image/gif

54.230.202.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.booklog.jp/blogparts/images/templates/handwrite/bottom.gif
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Server: 54.230.202.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-202-56.msp50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17a18f82b0f3f0acc63c10a4e3fbcef6360d4bce4e6ae18052eb2061a354957a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 03:43:07 GMT
via: 1.1 733555dc3e262ab7600bcb4af1e80756.cloudfront.net (CloudFront)
last-modified: Fri, 14 Aug 2020 03:41:52 GMT
server: AmazonS3
x-amz-cf-pop: MSP50-C2
age: 41332
etag: "ac40743ab51a57f8fa73c5bf530f0086"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 116
x-amz-cf-id: 0Yl9UQKCr8qWMhujvV1dMk30mRrzENM_0baow3jQNjoZ2mObxL4gYg==

Redirect headers

Date: Fri, 30 Jun 2023 15:11:58 GMT
Via: 1.1 a135dbc42c7847731193b532a27d11ca.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: MSP50-C2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://widget.booklog.jp/blogparts/images/templates/handwrite/bottom.gif
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: El8gGxKDBciR7nPKPhIW3Z8Ogeoqwim7S82QxZWIJxa0wyELJSeN6w==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 12B5 870 B
657 B 517ms
47ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=5fb9fd05f4b5d96207334ee8deaa807f4888053d

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fcrescent-star.jugem.jp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 6
date: Fri, 30 Jun 2023 15:11:58 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 30 Jun 2023 15:11:59 GMT
server: tsa_b
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 7ee27604e174038e
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: cf9fceb4ff11d91ff871bb3d04c91a92de59691423e6abc338b43c5028c617a4
content-length: 338

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 3DA4 1 KB
2 KB 50ms
50ms Document
text/html 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_ox-db5_smrt_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_rbd_ox-db5_smrt_n-Outbrain&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

8671e2e2892af14bad70adf230b1015ae89a395b34a276dda286c1ce8d4404db

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_rbd_ox-db5_smrt_n-Outbrain&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1505
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 30 Jun 2023 15:11:59 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 9EV7P916FDNMKXAXK0SY

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6C47 16 KB
6 KB 431ms
39ms Document
text/html 23.197.184.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.197.184.187 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-184-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=103874
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 30 Jun 2023 15:11:59 GMT
expires: Sat, 01 Jul 2023 20:03:13 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3DA4
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=c3cd0795

43 B
479 B

153ms
56ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=c3cd0795

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_ox-db5_smrt_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:11:59 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7TH95EAT65T9ZF591YS3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 30 Jun 2023 15:11:59 GMT
via: 1.1 6236a66b86631f0a9f18e00e62de376a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MSP50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=c3cd0795
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 7HgVdiEfUCdGyE354mLyLqiaEETlnDlHhglCncYz3CFrH-SnqZUCgA==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3DA4
Redirect Chain

https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=fLhZKkf-F94P2UhaE5Pr

43 B
479 B

94ms
47ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=fLhZKkf-F94P2UhaE5Pr

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_ox-db5_smrt_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:11:59 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 90MSCZYD4YE4ZTS08V54
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:11:59 GMT
Content-Type: text/html; charset=utf-8
Location: https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=fLhZKkf-F94P2UhaE5Pr
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 101
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame BADF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

2 KB
2 KB

28ms
27ms

Document
text/html

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_ox-db5_smrt_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 7743061bbf45995e1289df0d61544233882d92f4f983090587f446413ca70e8e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1655
Content-Type: text/html
Date: Fri, 30 Jun 2023 15:11:59 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 30 Jun 2023 15:11:59 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2

200

cm Show response
u.openx.net/w/1.0/ Frame CDBF
Redirect Chain

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...

693 B
732 B

66ms
56ms

Document
text/html

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_ox-db5_smrt_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 1f840907592a5589e5031ae542349cc646f599371350ab0c61f3d03bc3b1aea0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 399
content-type: text/html
date: Fri, 30 Jun 2023 15:11:59 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 30 Jun 2023 15:11:59 GMT
location: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame FCF4
Redirect Chain

https://ssbsync-us.smartadserver.com/api/sync?callerId=2
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1448414310149459964&gdpr=0&gdpr_consent=

43 B
479 B

56ms
55ms

Document
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1448414310149459964&gdpr=0&gdpr_consent=

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_ox-db5_smrt_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 30 Jun 2023 15:11:59 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 4PXM012JKAK450H4PKRZ

Redirect headers

content-length: 0
date: Fri, 30 Jun 2023 15:11:58 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1448414310149459964&gdpr=0&gdpr_consent=

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0428 281 B
554 B 140ms
35ms Document
text/html 104.102.111.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_ox-db5_smrt_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.111.7 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-111-7.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 30 Jun 2023 15:11:59 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 159ms
64ms Script
application/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=crescent-star.jugem.jp

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 123 KB
29 KB 599ms
597ms XHR
text/plain 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1277994301907185&correlator=1984411593308125&eid=31075744%2C31075694&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fifs&iu_parts=66065524%2Cjugem_pc_inactive%2Cjugem_pc_inactive_footer_1_left%2Cjugem_pc_inactive_footer_1_right%2Cjugem_pc_inactive_header_left%2Cjugem_pc_inactive_header_right%2Cjugem_pc_inactive_footer_2_left%2Cjugem_pc_inactive_footer_2_right&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7&prev_iu_szs=300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&ifi=1&adks=2583391058%2C1263642352%2C1636172113%2C913629305%2C2564169058%2C2128610095&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D2.00%26hb_adid%3D98cdd1aff8300ed%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=publisher_id%3D544%26flux_test_flag%3Dprd&sc=0&cookie_enabled=1&abxe=1&dt=1688137919519&lmt=1674665299&dlt=1688137916598&idt=1636&adxs=425%2C425%2C425%2C425%2C425%2C425&adys=1691%2C1941%2C426%2C676%2C10810%2C11060&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C0%7C0%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fcrescent-star.jugem.jp%2F&frm=20&vis=1&psz=300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250&msz=300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250&fws=0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=1672754536.1688137918&ga_sid=1688137920&ga_hid=803759924&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eda2d490429abf32a4411140d973e6eaf7f046454e56ea6a31551eb1ab3b10f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29191
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9405 6 KB
3 KB 183ms
67ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:11:59 GMT
expires: Sat, 29 Jun 2024 15:11:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 Collect Show response
a.flux.jp/analytics.collect.v1.CollectService/ 2 B
261 B 786ms
784ms XHR
application/json 34.160.89.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.89.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.89.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Jun 2023 15:12:00 GMT
content-encoding: gzip
via: 1.1 google
accept-encoding: gzip
server: Google Frontend
traceparent: 00-4dc4c2418a127d24e15e42393b76ab03-b01f136c440e114e-00
vary: Origin
content-type: application/json
access-control-allow-origin: http://crescent-star.jugem.jp
access-control-expose-headers: Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context: 4dc4c2418a127d24e15e42393b76ab03/12690883630672515406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0428 34 KB
10 KB 57ms
55ms Script
text/html 104.102.111.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.111.7 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-111-7.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 40ed6544f8fbd27415b19c458bf043cc143f0d15ad1e5adb175b90c74b9849ad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:11:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Jun 2023 01:38:20 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37588
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 01 Jul 2023 01:38:27 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 6C47 5 KB
6 KB 116ms
36ms Script
text/html 8.28.7.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86626176&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 3069ab9619690cd44d05cbae9946ab0b0e5899929f36604fcfb7bacd25b8d428

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 30 Jun 2023 15:11:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame BADF 43 B
855 B 49ms
48ms Image
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZJ7wv7M16opIMKMsIAK4KAAADvQAAAAB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:11:59 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FG5KEAE0J5506APRA9V4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BADF
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://match.adsrvr.org/track/cmb/casale?
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6b724462-72fa-46ba-9c10-3c9c030bc1d5&expiration=1690729920&gdpr=0&gdpr_consent=

43 B
632 B

87ms
30ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6b724462-72fa-46ba-9c10-3c9c030bc1d5&expiration=1690729920&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:00 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6b724462-72fa-46ba-9c10-3c9c030bc1d5&expiration=1690729920&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame BADF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZJ7wv7M16opIMKMsIAK4KAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB0dL9cb852Pr7U5_teTtdQ&google_cver=1

43 B
632 B

29ms
26ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB0dL9cb852Pr7U5_teTtdQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:11:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB0dL9cb852Pr7U5_teTtdQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame BADF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZJ7wv7M16opIMKMsIAK4KAAADvQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZJ7wv7M16opIMKMsIAK4KAAADvQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO1zifGNRazoiiLQNx0uuf0&google_cver=1

43 B
766 B

30ms
25ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO1zifGNRazoiiLQNx0uuf0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO1zifGNRazoiiLQNx0uuf0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame BADF
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://x.bidswitch.net/ul_cb/sync?ssp=index
https://r.bidswitch.net/sync?bidswitch_ssp_id=index&bsw_custom_parameter=30c28880-f135-45df-9a1a-123ecbe9d4b2
https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=30c28880-f135-45df-9a1a-123ecbe9d4b2&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=40bb99ce-d487-4439-8cc0-4f633e1bfa69%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%2525...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6b724462-72fa-46ba-9c10-3c9c030bc1d5&ttd_puid=40bb99ce-d487-4439-8cc0-4f633e1bfa69%2Chttps%253A%252F%252Fx.bidswitch.net%...
https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=index&bsw_param=30c28880-f135-45df-9a1a-123ecbe9d4b2
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=30c28880-f135-45df-9a1a-123ecbe9d4b2&gdpr=&gdpr_consent=&us_privacy=

43 B
632 B

132ms
53ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=30c28880-f135-45df-9a1a-123ecbe9d4b2&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Location: //dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=30c28880-f135-45df-9a1a-123ecbe9d4b2&gdpr=&gdpr_consent=&us_privacy=
Date: Fri, 30 Jun 2023 15:12:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum.casalemedia.com/ Frame BADF
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8780596409763565358

43 B
632 B

589ms
64ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8780596409763565358
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Date: Fri, 30 Jun 2023 15:11:59 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.249.40; 96.9.249.40; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: dbcedccf-957b-43f7-ac17-8b94e3e8e898
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8780596409763565358
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame BADF
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=b05f9972-88ff-4817-a911-8a70eb8251d2&expiration=1719760319

43 B
632 B

57ms
25ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=b05f9972-88ff-4817-a911-8a70eb8251d2&expiration=1719760319
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=b05f9972-88ff-4817-a911-8a70eb8251d2&expiration=1719760319
Date: Fri, 30 Jun 2023 15:11:59 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame BADF 43 B
479 B 90ms
51ms Image
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZJ7wv7M16opIMKMsIAK4KAAADvQAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:11:59 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5JN89VQXVGJGTM1V6T80
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame CDBF 43 B
479 B 91ms
49ms Image
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=7ed931d2-277f-8b17-8c54-ee80d3457a15

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:11:59 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ADHYKPGSX2CKNGJ7JEZK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 b2c82beb-ab79-a2a4-7d8d-7ae244217cbc
pr-bh.ybp.yahoo.com/sync/openx/ Frame CDBF 43 B
602 B 130ms
38ms Image
image/gif 2600:1f18:4e9:5a02:71d0:2e3a:4d87:7371
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/b2c82beb-ab79-a2a4-7d8d-7ae244217cbc?gdpr=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a02:71d0:2e3a:4d87:7371 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:11:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame CDBF 43 B
855 B 95ms
55ms Image
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=7ed931d2-277f-8b17-8c54-ee80d3457a15

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:11:59 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6KMXFKYVJ49C9GWZNX1G
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame CDBF
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=260f4daf-3bd5-30ed-4c5a-6c17bb76b1f5&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=260f4daf-3bd5-30ed-4c5a-6c17bb76b1f5&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=6b724462-72fa-46ba-9c10-3c9c030bc1d5&ttd_puid=260f4daf-3bd5-30ed-4c5a-6c17bb76b1f5&gdpr=0&gdpr_consent=

43 B
249 B

52ms
46ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=6b724462-72fa-46ba-9c10-3c9c030bc1d5&ttd_puid=260f4daf-3bd5-30ed-4c5a-6c17bb76b1f5&gdpr=0&gdpr_consent=
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:00 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:00 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=6b724462-72fa-46ba-9c10-3c9c030bc1d5&ttd_puid=260f4daf-3bd5-30ed-4c5a-6c17bb76b1f5&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CDBF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGE2MDllNjUtZjJhMi02ZTQ5LTU5YmEtMzZhZTcxOTQ3Zjk1
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGE2MDllNjUtZjJhMi02ZTQ5LTU5YmEtMzZhZTcxOTQ3Zjk1&google_tc=

170 B
243 B

56ms
53ms

Image
image/png

142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGE2MDllNjUtZjJhMi02ZTQ5LTU5YmEtMzZhZTcxOTQ3Zjk1&google_tc=

Requested by

Protocol

Server

142.250.64.66 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:11:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGE2MDllNjUtZjJhMi02ZTQ5LTU5YmEtMzZhZTcxOTQ3Zjk1&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame CDBF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE1VY_CcqCsoAR8vJxQG4Fs&google_cver=1

43 B
171 B

55ms
45ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE1VY_CcqCsoAR8vJxQG4Fs&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:00 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE1VY_CcqCsoAR8vJxQG4Fs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK button.e7f9415a2e000feaab02c86dd5802747.js Show response
platform.twitter.com/js/ 8 KB
3 KB 29ms
28ms Script
application/javascript 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D0E) /
Resource Hash: ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:11:59 GMT
Content-Encoding: gzip
Age: 5420380
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2618
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
Server: ECS (nyb/1D0E)
Etag: "506673dbdb9085e7201e137e893cc152+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame C44E
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

72ms
72ms

Document
text/html

34.232.39.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.39.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-39-3.compute-1.amazonaws.com
Software: /
Resource Hash: d1234272bbdbe952ae3dce8a9ce2063cb81f75eab4ccc054f8702cb5e6b71192

Request headers

Referer: https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, must-revalidate
content-length: 186
content-type: text/html; charset=utf-8
date: Fri, 30 Jun 2023 15:12:00 GMT
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Fri, 30 Jun 2023 15:12:00 GMT
pragma: no-cache

Redirect headers

content-length: 41
content-type: text/html; charset=utf-8
date: Fri, 30 Jun 2023 15:11:59 GMT
location: /um/cs&eq_cc=1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0428
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LJIPQAMP-Z-B9FL
https://s.amazon-adsystem.com/ecm3?id=LJIPQAMP-Z-B9FL&ex=d-rubiconproject.com&status=ok

43 B
479 B

50ms
47ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LJIPQAMP-Z-B9FL&ex=d-rubiconproject.com&status=ok

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:00 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RPPJNXK1HCZ5TQ0T9W61
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LJIPQAMP-Z-B9FL&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: af308bb17a856a105b8c87aaae7d7f8c
Expires: 0

GET
H2 503 b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 7359 0
86 B 15285ms
15161ms Document
text/plain 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Fri, 30 Jun 2023 15:12:15 GMT
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-yyz4531-YYZ
x-timer: S1688137920.125983,VS0,VE15142

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame FA88
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1783777322866507464

42 B
275 B

702ms
67ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1783777322866507464
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 12:56:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Fri, 30 Jun 2023 15:12:00 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1783777322866507464
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1 200
OK dcm Show response
s.amazon-adsystem.com/ Frame 490A 43 B
855 B 53ms
51ms Document
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 30 Jun 2023 15:12:00 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 86T7BT3A1GT5ZT6CKDZ0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame B56D
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCMHgwN0pQZUlBQUNSNGwxSTU4QQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&b...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAB0x07JPeIAACR4l1I58A&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_cu...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB0x07JPeIAACR4l1I58A&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAB0x07JPeIAACR4l1I58A&pid=558502&do=add&gdpr=0
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB0x07JPeIAACR4l1I58A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=1448414310149459964&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB0x07JPeIAACR4l1I58A&gdpr=0&gdpr_consent=

42 B
199 B

42ms
41ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB0x07JPeIAACR4l1I58A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 15:12:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Fri, 30 Jun 2023 15:12:01 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB0x07JPeIAACR4l1I58A&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9185
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6bb0649e-f0c0-4d00-bb72-31bc0765c9c4&gdpr=0&gdpr_consent=

42 B
95 B

657ms
34ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6bb0649e-f0c0-4d00-bb72-31bc0765c9c4&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 15:12:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Fri, 30 Jun 2023 15:12:00 GMT
Expires: Fri, 30 Jun 2023 15:11:59 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1031 59fd23a master ord ord-pixel-x27 config_version:"1969"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6bb0649e-f0c0-4d00-bb72-31bc0765c9c4&gdpr=0&gdpr_consent=

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 6943 0
222 B 161ms
44ms Document
image/gif 8.18.47.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 0
content-type: image/gif
date: Fri, 30 Jun 2023 15:11:59 GMT
p3p: policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server: c

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0E76
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8780596409763565358&gdpr=0&gdpr_consent=

42 B
237 B

653ms
31ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8780596409763565358&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 15:12:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: 23f23471-d5b1-4c61-b8ea-3e326ce35d6e
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:00 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8780596409763565358&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 96.9.249.40; 96.9.249.40; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 03CB
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TbjUah28jj9Wv9Q3Ge3Abk20j21Wu9Q-H-rVkaGl

42 B
415 B

697ms
70ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TbjUah28jj9Wv9Q3Ge3Abk20j21Wu9Q-H-rVkaGl
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 12:56:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Fri, 30 Jun 2023 15:12:00 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TbjUah28jj9Wv9Q3Ge3Abk20j21Wu9Q-H-rVkaGl
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5AA9
Redirect Chain

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=76962ef6-1758-11ee-af13-5f9bbfc5070b

42 B
244 B

34ms
32ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=76962ef6-1758-11ee-af13-5f9bbfc5070b
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 15:12:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 0
content-type: image/gif
date: Fri, 30 Jun 2023 15:12:01 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=76962ef6-1758-11ee-af13-5f9bbfc5070b
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: lga-delivery-10

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame EEC4 43 B
363 B 113ms
34ms Document
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:11:59 GMT
expires: Fri, 30 Jun 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 194565
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C069
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:I321QrfV1QffMY5&gdpr=0&gdpr_consent=

42 B
220 B

80ms
48ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:I321QrfV1QffMY5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 15:12:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Fri, 30 Jun 2023 15:12:00 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:I321QrfV1QffMY5&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-0581796abe647e070@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

pbmtc.gif Show response
beacon.lynx.cognitivlabs.com/ Frame 59D7
Redirect Chain

https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=b05f9972-88ff-4817-a911-8a70eb8251d2&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2

42 B
487 B

307ms
290ms

Document
image/gif

34.197.223.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.223.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-223-55.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Length: 42
Content-Type: image/gif
Date: Fri, 30 Jun 2023 15:12:01 GMT
Server: Kestrel

Redirect headers

cache-control: no-store, no-cache, private
date: Fri, 30 Jun 2023 15:12:00 GMT
location: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame BEA2
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&gdpr=0&gdpr_consent=

42 B
380 B

75ms
42ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 15:12:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CoW8UMfBUSNUXv9jpxnClmAJ-Sg&gdpr=0&gdpr_consent=

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 1030
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
453 B

346ms
117ms

Document
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7df75856a8b7d15f-BUF
content-length: 43
content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 15:12:01 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7df75851b88fd15f-BUF
content-type: text/html
date: Fri, 30 Jun 2023 15:12:00 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 1

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C981
Redirect Chain

https://ums.acuityplatform.com/tum?umid=6
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=795479323761

42 B
289 B

99ms
32ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=795479323761
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 15:11:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Content-Length: 0
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=795479323761

GET /
csync.loopme.me/ Frame 8A82 0
0

GET
H2 200 setuid Show response
u.4dex.io/ Frame F7FA 0
702 B 808ms
93ms Document
text/plain 34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C3A7FB0F-E114-40C9-87C8-FA6B843976E2
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Fri, 30 Jun 2023 15:12:00 GMT
expires: 0
pragma: no-cache
vary: Origin Accept-Encoding
via: 1.1 google

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6C47
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w6f7D-EUQMmHyPprhDl24g%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

155ms
67ms

Image
text/html

23.197.184.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 23.197.184.187 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-184-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:00 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=103873
accept-ranges: bytes
content-length: 5554
expires: Sat, 01 Jul 2023 20:03:13 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 6C47
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C3A7FB0F-E114-40C9-87C8-FA6B843976E2
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=C3A7FB0F-E114-40C9-87C8-FA6B843976E2
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=40bb99ce-d487-4439-8cc0-4f633e1bfa69%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6b724462-72fa-46ba-9c10-3c9c030bc1d5&ttd_puid=40bb99ce-d487-4439-8cc0-4f633e1bfa69%2C%2C

95 B
123 B

51ms
50ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6b724462-72fa-46ba-9c10-3c9c030bc1d5&ttd_puid=40bb99ce-d487-4439-8cc0-4f633e1bfa69%2C%2C

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:01 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6b724462-72fa-46ba-9c10-3c9c030bc1d5&ttd_puid=40bb99ce-d487-4439-8cc0-4f633e1bfa69%2C%2C
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 359

GET
H2

200

xuid
eb2.3lift.com/ Frame 6C47
Redirect Chain

https://eb2.3lift.com/xuid?mid=7976&xuid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&dongle=u6nf&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=

37 B
353 B

74ms
59ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 30 Jun 2023 15:12:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7976&xuid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date: Fri, 30 Jun 2023 15:12:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

insync
thrtle.com/ Frame 6C47
Redirect Chain

https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&gdpr=0&gdpr_consent=
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&vxii_pid=12&vxii_pid1=10067&vxii_rcid=3587025c-27cc-4e66-91f3-41971601a959

43 B
294 B

76ms
57ms

Image
image/gif

34.196.240.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&vxii_pid=12&vxii_pid1=10067&vxii_rcid=3587025c-27cc-4e66-91f3-41971601a959
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 34.196.240.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-240-12.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Fri, 30 Jun 2023 15:12:01 GMT
content-length: 43
content-type: image/gif

Redirect headers

location: https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&vxii_pid=12&vxii_pid1=10067&vxii_rcid=3587025c-27cc-4e66-91f3-41971601a959
date: Fri, 30 Jun 2023 15:12:00 GMT
content-type: text/html; charset=utf-8
content-length: 211
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6C47
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzNBN0ZCMEYtRTExNC00MEM5LTg3QzgtRkE2Qjg0Mzk3NkUy&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

159ms
69ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 15:12:00 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6C47
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN07dI0sDKQr6er-RoanQ_s&google_cver=1

42 B
524 B

156ms
65ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN07dI0sDKQr6er-RoanQ_s&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 15:11:59 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN07dI0sDKQr6er-RoanQ_s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6C47
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:AD8E4C81138A47AD9B352AC9EEBA7388

42 B
327 B

82ms
54ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:AD8E4C81138A47AD9B352AC9EEBA7388
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 15:12:00 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Fri, 30 Jun 2023 15:12:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:AD8E4C81138A47AD9B352AC9EEBA7388
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 29 Jun 2023 15:12:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6C47
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3039655696692765300&gdpr=0&gdpr_consent=&us_privacy=

1 B
195 B

66ms
48ms

Image
text/html

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3039655696692765300&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Fri, 30 Jun 2023 15:12:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3039655696692765300&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Fri, 30 Jun 2023 15:12:00 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6C47
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6b724462-72fa-46ba-9c10-3c9c030bc1d5&gdpr=0&gdpr_consent=

42 B
312 B

126ms
35ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6b724462-72fa-46ba-9c10-3c9c030bc1d5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 15:12:00 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:00 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6b724462-72fa-46ba-9c10-3c9c030bc1d5&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 355

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 6C47
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XCin_9FE2uXL1jzo7NhmsU4FTclcqPE-~A&gdpr=0

0
260 B

254ms
25ms

Image
text/plain

162.248.18.34
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XCin_9FE2uXL1jzo7NhmsU4FTclcqPE-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:01 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XCin_9FE2uXL1jzo7NhmsU4FTclcqPE-~A&gdpr=0
date: Fri, 30 Jun 2023 15:12:00 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 C3A7FB0F-E114-40C9-87C8-FA6B843976E2
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6C47 43 B
601 B 95ms
46ms Image
image/gif 2600:1f18:4e9:5a02:71d0:2e3a:4d87:7371
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/C3A7FB0F-E114-40C9-87C8-FA6B843976E2?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a02:71d0:2e3a:4d87:7371 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6C47
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1d4186035e70fdd&is_secure=true&networkId=17100&version=1&nuid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHTGW7QckwlwNfxmKbAAAAAAA&expiration=1688224321&nuid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&...

42 B
266 B

33ms
32ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHTGW7QckwlwNfxmKbAAAAAAA&expiration=1688224321&nuid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&is_secure=true&gdpr_consent=&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 15:12:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:01 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHTGW7QckwlwNfxmKbAAAAAAA&expiration=1688224321&nuid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2 204 CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 6C47 0
35 B 817ms
83ms Image
text/plain 3.214.222.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.222.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-222-87.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6C47
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dfaa0c26-655b-4adc-9f59-33a4b9ffad62&gdpr=0&gdpr_consent=

1 B
237 B

32ms
30ms

Image
text/html

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dfaa0c26-655b-4adc-9f59-33a4b9ffad62&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Fri, 30 Jun 2023 15:12:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dfaa0c26-655b-4adc-9f59-33a4b9ffad62&gdpr=0&gdpr_consent=
Date: Fri, 30 Jun 2023 15:12:01 GMT
Connection: keep-alive
X-CI-RTID: 50abc583-a85f-4f98-a8a0-b714194ca7d2
Content-Length: 205
Content-Type: text/html; charset=utf-8

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6C47
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=30c28880-f135-45df-9a1a-123ecbe9d4b2
https://a.usbrowserspeed.com/cs?puid=1ded66ff-8631-50e5-9153-a38e0df13db2&pid=lc&r=https%3a%2f%2fmatch%2eprod%2ebidr%2eio%2fcookie%2dsync%2ffivebyfive%3fr%3dhttps%253a%252f%252fa%252eclickcertain%2...
https://match.prod.bidr.io/cookie-sync/fivebyfive?r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26bidswitch_ssp_id%3dpubmatic
https://a.usbrowserspeed.com/cs?pid=beeswax&puid=AAB0x07JPeIAACR4l1I58A&r=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26bidswitch_ssp_id%3Dpubmatic
https://a.clickcertain.com/px/img/bidswitch/?done=true&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=179&user_id=39d15267-3492-420b-8398-3dfff23d89c6&expires=5&user_group=0&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=30c28880-f135-45df-9a1a-123ecbe9d4b2&gdpr=&gdpr_consent=&gdpr_pd=

1 B
244 B

45ms
26ms

Image
text/html

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=30c28880-f135-45df-9a1a-123ecbe9d4b2&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Fri, 30 Jun 2023 15:12:02 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=30c28880-f135-45df-9a1a-123ecbe9d4b2&gdpr=&gdpr_consent=&gdpr_pd=
Date: Fri, 30 Jun 2023 15:12:03 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6C47
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e14be83c-1342-4d20-be20-a9e1b58a96ff-649ef0c1-5553&gdpr=0&gdpr_consent=

42 B
341 B

33ms
30ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e14be83c-1342-4d20-be20-a9e1b58a96ff-649ef0c1-5553&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 15:12:02 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:00 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e14be83c-1342-4d20-be20-a9e1b58a96ff-649ef0c1-5553&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET sn.ashx
pmp.mxptint.net/ Frame 6C47 0
0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6C47
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6877677253035538772

42 B
244 B

27ms
25ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6877677253035538772
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 15:12:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6877677253035538772
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html Show response
platform.twitter.com/widgets/ Frame BC9E 37 KB
14 KB 62ms
62ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D0E) /
Resource Hash: 1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420355
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 14019
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:00 GMT
Etag: "888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:11 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D0E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html Show response
platform.twitter.com/widgets/ Frame AFE3 37 KB
14 KB 243ms
44ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D33) /
Resource Hash: a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420377
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13592
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:00 GMT
Etag: "28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D33)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html Show response
platform.twitter.com/widgets/ Frame 58AA 37 KB
14 KB 249ms
53ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D1C) /
Resource Hash: 1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420367
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 14019
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:00 GMT
Etag: "888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:11 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D1C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html Show response
platform.twitter.com/widgets/ Frame E6AA 37 KB
14 KB 245ms
50ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D20) /
Resource Hash: a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420381
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13592
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:00 GMT
Etag: "28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D20)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html Show response
platform.twitter.com/widgets/ Frame 4A97 37 KB
14 KB 244ms
51ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D27) /
Resource Hash: 1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420364
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 14019
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:00 GMT
Etag: "888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:11 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D27)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html Show response
platform.twitter.com/widgets/ Frame 5023 37 KB
14 KB 250ms
55ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D0E) /
Resource Hash: a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420380
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13592
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:00 GMT
Etag: "28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D0E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html Show response
platform.twitter.com/widgets/ Frame 49BA 37 KB
14 KB 249ms
56ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D2C) /
Resource Hash: 1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420362
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 14019
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:00 GMT
Etag: "888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:11 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D2C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html Show response
platform.twitter.com/widgets/ Frame 857F 37 KB
14 KB 384ms
52ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D33) /
Resource Hash: a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420378
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13592
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:01 GMT
Etag: "28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D33)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html Show response
platform.twitter.com/widgets/ Frame 4916 37 KB
14 KB 385ms
53ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D20) /
Resource Hash: 1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420341
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 14019
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:01 GMT
Etag: "888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:11 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D20)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html Show response
platform.twitter.com/widgets/ Frame 7349 37 KB
14 KB 367ms
52ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D27) /
Resource Hash: a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420380
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13592
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:01 GMT
Etag: "28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D27)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html Show response
platform.twitter.com/widgets/ Frame 0D02 37 KB
14 KB 375ms
55ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D1C) /
Resource Hash: 1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420368
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 14019
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:01 GMT
Etag: "888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:11 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D1C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html Show response
platform.twitter.com/widgets/ Frame D367 37 KB
14 KB 360ms
55ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D0E) /
Resource Hash: a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420381
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13592
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:01 GMT
Etag: "28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D0E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html Show response
platform.twitter.com/widgets/ Frame 65EF 37 KB
14 KB 360ms
55ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D2C) /
Resource Hash: 1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420363
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 14019
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:01 GMT
Etag: "888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:11 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D2C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html Show response
platform.twitter.com/widgets/ Frame AEA5 37 KB
14 KB 421ms
37ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D33) /
Resource Hash: a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420378
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13592
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:01 GMT
Etag: "28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D33)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html Show response
platform.twitter.com/widgets/ Frame 430A 37 KB
14 KB 418ms
36ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D27) /
Resource Hash: 1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420365
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 14019
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:01 GMT
Etag: "888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:11 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D27)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html Show response
platform.twitter.com/widgets/ Frame 6531 37 KB
14 KB 416ms
35ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D20) /
Resource Hash: a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420382
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13592
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:01 GMT
Etag: "28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D20)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html Show response
platform.twitter.com/widgets/ Frame 55DA 37 KB
14 KB 418ms
37ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D1C) /
Resource Hash: 1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420368
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 14019
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:01 GMT
Etag: "888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:11 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D1C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html Show response
platform.twitter.com/widgets/ Frame BE66 37 KB
14 KB 411ms
31ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D0E) /
Resource Hash: a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420381
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13592
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:01 GMT
Etag: "28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D0E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html Show response
platform.twitter.com/widgets/ Frame B921 37 KB
14 KB 412ms
39ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.ja.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D2C) /
Resource Hash: 1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420363
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 14019
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:01 GMT
Etag: "888d7d69b14c1f42e5b7c4c036fd76c6+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:11 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D2C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html Show response
platform.twitter.com/widgets/ Frame 17CA 37 KB
14 KB 463ms
29ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D0E) /
Resource Hash: a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5420381
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13592
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:12:01 GMT
Etag: "28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D0E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
148 B 55ms
52ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fcrescent-star.jugem.jp%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1688137920354%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=5fb9fd05f4b5d96207334ee8deaa807f4888053d

Requested by

Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 5
date: Fri, 30 Jun 2023 15:12:00 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 30 Jun 2023 15:12:00 GMT
server: tsa_b
vary: Origin
content-type: image/gif
x-transaction-id: 26a21f17cd921ebc
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: cf9fceb4ff11d91ff871bb3d04c91a92de59691423e6abc338b43c5028c617a4
content-length: 43

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
115 B 57ms
53ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fcrescent-star.jugem.jp%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1688137920354%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=5fb9fd05f4b5d96207334ee8deaa807f4888053d

Requested by

Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 6
date: Fri, 30 Jun 2023 15:11:59 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 30 Jun 2023 15:12:00 GMT
server: tsa_b
vary: Origin
content-type: image/gif
x-transaction-id: 4f47b48f555ad084
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: cf9fceb4ff11d91ff871bb3d04c91a92de59691423e6abc338b43c5028c617a4
content-length: 43

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
96 B 125ms
122ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fcrescent-star.jugem.jp%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1688137920355%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=5fb9fd05f4b5d96207334ee8deaa807f4888053d

Requested by

Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 80
date: Fri, 30 Jun 2023 15:11:59 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 30 Jun 2023 15:12:00 GMT
server: tsa_b
vary: Origin
content-type: image/gif
x-transaction-id: e8904a0b2f1dcd3f
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: cf9fceb4ff11d91ff871bb3d04c91a92de59691423e6abc338b43c5028c617a4
content-length: 43

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
91 B 59ms
57ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fcrescent-star.jugem.jp%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1688137920355%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=5fb9fd05f4b5d96207334ee8deaa807f4888053d

Requested by

Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 6
date: Fri, 30 Jun 2023 15:12:00 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 30 Jun 2023 15:12:00 GMT
server: tsa_b
vary: Origin
content-type: image/gif
x-transaction-id: 53c9862d2e8b137c
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: cf9fceb4ff11d91ff871bb3d04c91a92de59691423e6abc338b43c5028c617a4
content-length: 43

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
96 B 115ms
113ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fcrescent-star.jugem.jp%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1688137920356%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=5fb9fd05f4b5d96207334ee8deaa807f4888053d

Requested by

Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 72
date: Fri, 30 Jun 2023 15:11:59 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 30 Jun 2023 15:12:00 GMT
server: tsa_b
vary: Origin
content-type: image/gif
x-transaction-id: c66d257456bb4a49
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: cf9fceb4ff11d91ff871bb3d04c91a92de59691423e6abc338b43c5028c617a4
content-length: 43

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
93 B 59ms
58ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fcrescent-star.jugem.jp%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1688137920356%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=5fb9fd05f4b5d96207334ee8deaa807f4888053d

Requested by

Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 7
date: Fri, 30 Jun 2023 15:11:59 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 30 Jun 2023 15:12:00 GMT
server: tsa_b
vary: Origin
content-type: image/gif
x-transaction-id: cd1c37a083fbd2ac
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: cf9fceb4ff11d91ff871bb3d04c91a92de59691423e6abc338b43c5028c617a4
content-length: 43

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame C44E 43 B
632 B 72ms
26ms Image
image/gif 192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=dd9a7fe6-8919-4ab7-9198-f9439c5826df&expiration=1696086720
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

GET
H2 200 container.html Show response
2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5502 6 KB
3 KB 297ms
28ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:11:59 GMT
expires: Sat, 29 Jun 2024 15:11:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5BBC 6 KB
3 KB 310ms
43ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:11:59 GMT
expires: Sat, 29 Jun 2024 15:11:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FFE2 6 KB
3 KB 307ms
44ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:11:59 GMT
expires: Sat, 29 Jun 2024 15:11:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3AE3 6 KB
3 KB 316ms
54ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:11:59 GMT
expires: Sat, 29 Jun 2024 15:11:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F099 6 KB
3 KB 341ms
81ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:11:59 GMT
expires: Sat, 29 Jun 2024 15:11:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E00B 6 KB
3 KB 341ms
82ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:11:59 GMT
expires: Sat, 29 Jun 2024 15:11:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0428
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBmKSJ0yZF70oCDxjqYa0yE&google_cver=1

42 B
742 B

292ms
55ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBmKSJ0yZF70oCDxjqYa0yE&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 2fcb300b847bad3e7dd1184ec8a1c2f5
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBmKSJ0yZF70oCDxjqYa0yE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0428
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/LZ_osEKkmlc5yDstwI2G-g?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0xTTEiBE2oJsVbGGHT7w_gtJKD1IMnBIJdjnEg--~A

42 B
742 B

38ms
36ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0xTTEiBE2oJsVbGGHT7w_gtJKD1IMnBIJdjnEg--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 0228ab361cece0438ff9eb16e4e5890e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 30 Jun 2023 15:12:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0xTTEiBE2oJsVbGGHT7w_gtJKD1IMnBIJdjnEg--~A
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0428
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6b724462-72fa-46ba-9c10-3c9c030bc1d5&gdpr=0&gdpr_consent=&expires=30

42 B
742 B

297ms
55ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6b724462-72fa-46ba-9c10-3c9c030bc1d5&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 0b388c490ecfef74be7d13328a4f3ac3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:00 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6b724462-72fa-46ba-9c10-3c9c030bc1d5&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0428
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEpJUFFBTVAtWi1COUZM
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC8neeSa_XwkGxU7K5Q73tU&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpJUFFBTVAtWi1COUZM&google_push=

170 B
188 B

55ms
55ms

Image
image/png

142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpJUFFBTVAtWi1COUZM&google_push=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

Server

142.250.64.66 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpJUFFBTVAtWi1COUZM&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0b388c490ecfef74be7d13328a4f3ac3
Expires: 0

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 0428 43 B
855 B 662ms
184ms Image
image/gif 54.239.33.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:01 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AWMEWFX4KV8ADWZPF9JM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0428
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZET1az-yQjSHSRgDqKdPyA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZET1az-yQjSHSRgDqKdPyA

43 B
479 B

56ms
55ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZET1az-yQjSHSRgDqKdPyA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:01 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NFF3KENS7NYVVYT4BVHG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZET1az-yQjSHSRgDqKdPyA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 29af2665c43893332e84c235bac366c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0428
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTQ0YjQyYjI2MjZlMjM0MzU0YzY0YmVmMzgyNmQxZWNiYWRjNzhkMQ

170 B
188 B

56ms
51ms

Image
image/png

142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTQ0YjQyYjI2MjZlMjM0MzU0YzY0YmVmMzgyNmQxZWNiYWRjNzhkMQ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

Server

142.250.64.66 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTQ0YjQyYjI2MjZlMjM0MzU0YzY0YmVmMzgyNmQxZWNiYWRjNzhkMQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 2fcb300b847bad3e7dd1184ec8a1c2f5
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 0428
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJIPQAMP-Z-B9FL

0
513 B

145ms
62ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJIPQAMP-Z-B9FL
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:01 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 21805B725CB34550AC87C88B10D17828 Ref B: NYCEDGE1317 Ref C: 2023-06-30T15:12:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/Wj0j/+VQo4KhtIhBww==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJIPQAMP-Z-B9FL
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b5ba23d75d0dcd35432b720d73e3149b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C89C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west

281 B
554 B

56ms
50ms

Document
text/html

104.102.111.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.111.7 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-111-7.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 30 Jun 2023 15:12:01 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 30 Jun 2023 15:12:01 GMT
location: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
server: AkamaiGHost

GET
H2 200 publishertag.prebid.132.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 416ms
76ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.132.js

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:15:31 GMT
server: nginx
etag: W/"642e8db3-16298"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 01 Jul 2023 15:12:01 GMT

GET
DATA 200
OK truncated
/ Frame BC9E 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AFE3 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 58AA 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E6AA 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4A97 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5023 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 49BA 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

setuid
u.4dex.io/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58675/occ?gdpr=0&gdpr_consent=
https://u.4dex.io/setuid?bidder=yahoo&uid=y-NkGM3pZE2uGJL_RIQB0NOvhNVpamC44SzZSynQQ-~A&gdpr=0

0
705 B

99ms
90ms

Image
text/plain

34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=yahoo&uid=y-NkGM3pZE2uGJL_RIQB0NOvhNVpamC44SzZSynQQ-~A&gdpr=0
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:01 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

location: https:///u.4dex.io/setuid?bidder=yahoo&uid=y-NkGM3pZE2uGJL_RIQB0NOvhNVpamC44SzZSynQQ-~A&gdpr=0
date: Fri, 30 Jun 2023 15:12:01 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BCEC 624 B
689 B 182ms
80ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNU4tbVpENdZbRibks-Wy8fbgzsZgwR-mE2EAvS56DAacJgxmEZTGh7eeD1xFmX2jCVsANf5LpYsXRQLkW85x3zudjhFqw

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:12:01 GMT
expires: Fri, 30 Jun 2023 15:12:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5502 78 KB
28 KB 169ms
62ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:12:01 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5502 42 B
107 B 208ms
103ms Image
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ChmXceeXyNgy-ao82LCHgDJfxYlFpPVzzdWjjcfsrtk3rESJFggJ0FH_5IhuYsCeJINoZH67Hv9CY3WnQBKWyZcR-ajtC37HG-8FkMrvdi8NdHNCc

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5502 0
56 B 177ms
72ms Image
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1405930076806379612&x=1&ct=76

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 5502 3 KB
1 KB 197ms
82ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 5502 20 KB
9 KB 141ms
32ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5502 179 KB
56 KB 95ms
87ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:12:01 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C89C 34 KB
10 KB 45ms
41ms Script
text/html 104.102.111.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.111.7 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-111-7.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 40ed6544f8fbd27415b19c458bf043cc143f0d15ad1e5adb175b90c74b9849ad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:12:01 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Jun 2023 01:38:20 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37586
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 01 Jul 2023 01:38:27 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 599E 624 B
368 B 166ms
82ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNV_4ktpaRhdRcnYzb-WLs2vQm2Wf6Fg4OLn4AaBxY38i5i5Kr3Nu599TjyAawDpv8w-Ahf4HXFqo4yWCehIBR7O0Q49bg

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:12:01 GMT
expires: Fri, 30 Jun 2023 15:12:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5BBC 78 KB
27 KB 239ms
157ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:12:01 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BBC 42 B
107 B 179ms
102ms Image
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Be4EkZ21MgJlVIN0SYC2C_Z0XMBQU5jW_thMZrwTO8UOEEXIZA0vEUe_vzzjEcTebjBtyQ4l0rqrC05jehZ0FRzKLF6u4ZVxcEm1s4dPgKUyMEMWo

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BBC 0
56 B 150ms
73ms Image
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7814494757126585602&x=1&ct=76

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 5BBC 3 KB
1 KB 167ms
80ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 5BBC 20 KB
8 KB 120ms
34ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5BBC 179 KB
56 KB 109ms
108ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:12:01 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CD77 624 B
368 B 146ms
83ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNXXDHvDPupj104kgRCOvehwxUfs_h1VqGBznGZka33ACWInzZwEjYLTlGMMdmJKXJ9XxelrtSZzslALSWZYNl3QfSmNGg

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:12:01 GMT
expires: Fri, 30 Jun 2023 15:12:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FFE2 78 KB
27 KB 282ms
219ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:12:01 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFE2 42 B
107 B 167ms
104ms Image
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BYACZ7q3wTFT-_jhp68Dr30gD2fJaEWEfzYgnoU8soNqgW9qciWdPNpVUhLb6pAJqa0DAErZxSYoUN8UQ92TB0IUghnpYyN41U39NV38H71lY-6AA

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFE2 0
349 B 120ms
59ms Image
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3162322353430363185&x=1&ct=76

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame FFE2 3 KB
1 KB 137ms
66ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame FFE2 20 KB
8 KB 113ms
42ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FFE2 179 KB
56 KB 92ms
85ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:12:01 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A6A6 624 B
368 B 112ms
83ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNUOqECeibP0v9pOi-PNBTU4CnkpG1iYAfpXAIxUdgOJ3W3gyYvkSMtfXEFB4Z5612d9UFoNF8EfQ6j06I5r-UGJLXcW9w

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:12:01 GMT
expires: Fri, 30 Jun 2023 15:12:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3AE3 78 KB
27 KB 208ms
185ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:12:01 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AE3 42 B
110 B 97ms
74ms Image
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dba5r3qkyfLHpoWTM94MIB5XvEYMdfaoxLUDQ_Wqqsxfi7v1XYuYRlTpoGFFbzpK7yRgfK4_zoS0lfCWkC610zVhqwTHimqFELiUNgjnkOOemIZqc

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AE3 0
56 B 121ms
102ms Image
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15188030865402540090&x=1&ct=76

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 3AE3 3 KB
1 KB 112ms
83ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 3AE3 20 KB
8 KB 93ms
65ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3AE3 179 KB
56 KB 100ms
95ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:12:01 GMT

GET
DATA 200
OK truncated
/ Frame 4916 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0D02 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 857F 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7349 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 76FD 640 B
308 B 86ms
72ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNXyuufD4UhjcZuHxxGNjSXHChomLmPexh5gxs5s5gMroF4ECEUWCSrCWhKGF26x_D5wU-DMcrwJSpHfLiSvd4SUPiTFWw

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:12:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F099 78 KB
27 KB 109ms
96ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:12:01 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F099 42 B
107 B 71ms
57ms Image
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DWYD3BrUXFlQ1ugJLmwj-JVgibe_2lHPkRs7ZvUqwBeAB1-RwXIfzkYFv5yfAkdyOJEKrX_gOvRiJ41yNUX6SDBFZ-BxZP4TlOnECRlKpAaSZ8Q0o

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F099 0
56 B 71ms
58ms Image
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13870621896178086372&x=1&ct=76

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame F099 3 KB
1 KB 44ms
31ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame F099 20 KB
8 KB 41ms
29ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F099 179 KB
56 KB 78ms
72ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:12:01 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 779D 640 B
305 B 77ms
71ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNVFrRipAFQJRrrA_ipDiJePePg0ed8rvI-JXXUiLN4wAYjMdE9HIx-fpsiuPvNC74K1-7PV_PDmdO54jGdWKHG4sR-9ew

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:12:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E00B 78 KB
27 KB 138ms
130ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:12:01 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E00B 42 B
107 B 57ms
50ms Image
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DkD8n_6FaLhUv-udMYURUTw-w9JiYXX32VcFVtEu6TMdOMJQMGL2ciFX9HZxDpjoBNyTVKeUti0G4s2v9FM3YVhGkZ6Bq7ies4d2WQWiG9CR6KtLE

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E00B 0
56 B 64ms
58ms Image
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5559511400978607795&x=1&ct=76

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame E00B 3 KB
1 KB 43ms
37ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame E00B 20 KB
8 KB 37ms
31ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E00B 179 KB
56 KB 153ms
149ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:12:02 GMT

GET
DATA 200
OK truncated
/ Frame D367 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 65EF 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 430A 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6531 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BE66 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AEA5 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 55DA 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B921 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 17CA 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BCEC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1

43 B
632 B

30ms
29ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNU4tbVpENdZbRibks-Wy8fbgzsZgwR-mE2EAvS56DAacJgxmEZTGh7eeD1xFmX2jCVsANf5LpYsXRQLkW85x3zudjhFqw
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BCEC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJ7wv7M16opIMKMsIAK4KAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1

43 B
632 B

34ms
30ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNU4tbVpENdZbRibks-Wy8fbgzsZgwR-mE2EAvS56DAacJgxmEZTGh7eeD1xFmX2jCVsANf5LpYsXRQLkW85x3zudjhFqw
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BCEC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEsCszh4v5pZ82GqiRlInRE&google_cver=1

43 B
1 KB

36ms
32ms

Image
image/gif

68.67.179.113
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEsCszh4v5pZ82GqiRlInRE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNU4tbVpENdZbRibks-Wy8fbgzsZgwR-mE2EAvS56DAacJgxmEZTGh7eeD1xFmX2jCVsANf5LpYsXRQLkW85x3zudjhFqw

Protocol

HTTP/1.1

Server

68.67.179.113 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:02 GMT
AN-X-Request-Uuid: ee5b6f27-1375-4716-8051-2459b61879fe
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 96.9.249.40; 96.9.249.40; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEsCszh4v5pZ82GqiRlInRE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCEC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc4MDU5NjQwOTc2MzU2NTM1OA%3D%3D

170 B
188 B

47ms
43ms

Image
image/png

142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc4MDU5NjQwOTc2MzU2NTM1OA%3D%3D

Requested by

Protocol

Server

142.250.64.66 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 30 Jun 2023 15:12:02 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.249.40; 96.9.249.40; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 66d8feec-4b6a-4f7a-9a9e-14c70bc6b16f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc4MDU5NjQwOTc2MzU2NTM1OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 599E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1

43 B
632 B

31ms
29ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNV_4ktpaRhdRcnYzb-WLs2vQm2Wf6Fg4OLn4AaBxY38i5i5Kr3Nu599TjyAawDpv8w-Ahf4HXFqo4yWCehIBR7O0Q49bg
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 599E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJ7wv7M16opIMKMsIAK4KAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1

43 B
632 B

35ms
31ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNV_4ktpaRhdRcnYzb-WLs2vQm2Wf6Fg4OLn4AaBxY38i5i5Kr3Nu599TjyAawDpv8w-Ahf4HXFqo4yWCehIBR7O0Q49bg
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 599E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEsCszh4v5pZ82GqiRlInRE&google_cver=1

43 B
1 KB

53ms
39ms

Image
image/gif

68.67.179.113
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEsCszh4v5pZ82GqiRlInRE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNV_4ktpaRhdRcnYzb-WLs2vQm2Wf6Fg4OLn4AaBxY38i5i5Kr3Nu599TjyAawDpv8w-Ahf4HXFqo4yWCehIBR7O0Q49bg

Protocol

HTTP/1.1

Server

68.67.179.113 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:02 GMT
AN-X-Request-Uuid: ccef84cf-548b-48cc-a635-5b8c9a7b8fa0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 96.9.249.40; 96.9.249.40; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEsCszh4v5pZ82GqiRlInRE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 599E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc4MDU5NjQwOTc2MzU2NTM1OA%3D%3D

170 B
188 B

48ms
43ms

Image
image/png

142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc4MDU5NjQwOTc2MzU2NTM1OA%3D%3D

Requested by

Protocol

Server

142.250.64.66 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 30 Jun 2023 15:12:02 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.249.40; 96.9.249.40; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ae979ff8-0374-48fd-97d9-eb11c45cc0fb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc4MDU5NjQwOTc2MzU2NTM1OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A6A6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1

43 B
632 B

29ms
28ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNUOqECeibP0v9pOi-PNBTU4CnkpG1iYAfpXAIxUdgOJ3W3gyYvkSMtfXEFB4Z5612d9UFoNF8EfQ6j06I5r-UGJLXcW9w
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A6A6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJ7wv7M16opIMKMsIAK4KAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1

43 B
632 B

33ms
30ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNUOqECeibP0v9pOi-PNBTU4CnkpG1iYAfpXAIxUdgOJ3W3gyYvkSMtfXEFB4Z5612d9UFoNF8EfQ6j06I5r-UGJLXcW9w
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A6A6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEsCszh4v5pZ82GqiRlInRE&google_cver=1

43 B
1 KB

48ms
33ms

Image
image/gif

68.67.179.113
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEsCszh4v5pZ82GqiRlInRE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNUOqECeibP0v9pOi-PNBTU4CnkpG1iYAfpXAIxUdgOJ3W3gyYvkSMtfXEFB4Z5612d9UFoNF8EfQ6j06I5r-UGJLXcW9w

Protocol

HTTP/1.1

Server

68.67.179.113 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:02 GMT
AN-X-Request-Uuid: 44e3fb47-4371-4bee-8bb7-da9fbfdfe971
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 96.9.249.40; 96.9.249.40; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEsCszh4v5pZ82GqiRlInRE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A6A6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc4MDU5NjQwOTc2MzU2NTM1OA%3D%3D

170 B
188 B

43ms
41ms

Image
image/png

142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc4MDU5NjQwOTc2MzU2NTM1OA%3D%3D

Requested by

Protocol

Server

142.250.64.66 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 30 Jun 2023 15:12:02 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.249.40; 96.9.249.40; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 0b7652ed-ff4e-45b1-af28-5a8b8fe0c305
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc4MDU5NjQwOTc2MzU2NTM1OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CD77
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1

43 B
632 B

53ms
26ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNXXDHvDPupj104kgRCOvehwxUfs_h1VqGBznGZka33ACWInzZwEjYLTlGMMdmJKXJ9XxelrtSZzslALSWZYNl3QfSmNGg
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CD77
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJ7wv7M16opIMKMsIAK4KAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1

43 B
632 B

39ms
35ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNXXDHvDPupj104kgRCOvehwxUfs_h1VqGBznGZka33ACWInzZwEjYLTlGMMdmJKXJ9XxelrtSZzslALSWZYNl3QfSmNGg
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe0zCvzXbgWPZKHn6IZTdw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame CD77
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEsCszh4v5pZ82GqiRlInRE&google_cver=1

43 B
1 KB

37ms
33ms

Image
image/gif

68.67.179.113
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEsCszh4v5pZ82GqiRlInRE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNXXDHvDPupj104kgRCOvehwxUfs_h1VqGBznGZka33ACWInzZwEjYLTlGMMdmJKXJ9XxelrtSZzslALSWZYNl3QfSmNGg

Protocol

HTTP/1.1

Server

68.67.179.113 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:02 GMT
AN-X-Request-Uuid: 0669bc6b-1007-4413-b5d8-a70191109de7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 96.9.249.40; 96.9.249.40; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEsCszh4v5pZ82GqiRlInRE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CD77
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc4MDU5NjQwOTc2MzU2NTM1OA%3D%3D

170 B
188 B

48ms
46ms

Image
image/png

142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc4MDU5NjQwOTc2MzU2NTM1OA%3D%3D

Requested by

Protocol

Server

142.250.64.66 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 30 Jun 2023 15:12:02 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.249.40; 96.9.249.40; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6fd0753f-dc97-4d4e-b78e-72cd99bcbf99
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc4MDU5NjQwOTc2MzU2NTM1OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 76FD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHG4neOKdXaWKSbG9a9BVf4&google_cver=1

43 B
61 B

67ms
58ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHG4neOKdXaWKSbG9a9BVf4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNXyuufD4UhjcZuHxxGNjSXHChomLmPexh5gxs5s5gMroF4ECEUWCSrCWhKGF26x_D5wU-DMcrwJSpHfLiSvd4SUPiTFWw
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHG4neOKdXaWKSbG9a9BVf4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76FD
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGE2MDllNjUtZjJhMi02ZTQ5LTU5YmEtMzZhZTcxOTQ3Zjk1

170 B
188 B

87ms
78ms

Image
image/png

142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGE2MDllNjUtZjJhMi02ZTQ5LTU5YmEtMzZhZTcxOTQ3Zjk1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNXyuufD4UhjcZuHxxGNjSXHChomLmPexh5gxs5s5gMroF4ECEUWCSrCWhKGF26x_D5wU-DMcrwJSpHfLiSvd4SUPiTFWw

Protocol

Server

142.250.64.66 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 30 Jun 2023 15:12:02 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGE2MDllNjUtZjJhMi02ZTQ5LTU5YmEtMzZhZTcxOTQ3Zjk1
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

um
sync.teads.tv/ Frame 76FD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEAsyjuQF7iJmtjiA2SF8_kA&google_cver=1

23 B
278 B

233ms
127ms

Image
image/gif

23.52.160.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEAsyjuQF7iJmtjiA2SF8_kA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNXyuufD4UhjcZuHxxGNjSXHChomLmPexh5gxs5s5gMroF4ECEUWCSrCWhKGF26x_D5wU-DMcrwJSpHfLiSvd4SUPiTFWw
Protocol: H2
Server: 23.52.160.7 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-160-7.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Fri, 30 Jun 2023 15:12:03 GMT
pragma: no-cache
date: Fri, 30 Jun 2023 15:12:03 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEAsyjuQF7iJmtjiA2SF8_kA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76FD
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDZhMzQyOWYtNWM4ZC00ZWE3LTk5N2EtZmVmNjE5ODY4NzJh

170 B
188 B

55ms
47ms

Image
image/png

142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDZhMzQyOWYtNWM4ZC00ZWE3LTk5N2EtZmVmNjE5ODY4NzJh

Requested by

Protocol

Server

142.250.64.66 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:03 GMT
server: akka-http/10.2.10
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDZhMzQyOWYtNWM4ZC00ZWE3LTk5N2EtZmVmNjE5ODY4NzJh
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Fri, 30 Jun 2023 15:12:03 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 779D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHG4neOKdXaWKSbG9a9BVf4&google_cver=1

43 B
61 B

88ms
80ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHG4neOKdXaWKSbG9a9BVf4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNVFrRipAFQJRrrA_ipDiJePePg0ed8rvI-JXXUiLN4wAYjMdE9HIx-fpsiuPvNC74K1-7PV_PDmdO54jGdWKHG4sR-9ew
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHG4neOKdXaWKSbG9a9BVf4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 779D
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGE2MDllNjUtZjJhMi02ZTQ5LTU5YmEtMzZhZTcxOTQ3Zjk1

170 B
188 B

86ms
78ms

Image
image/png

142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGE2MDllNjUtZjJhMi02ZTQ5LTU5YmEtMzZhZTcxOTQ3Zjk1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNVFrRipAFQJRrrA_ipDiJePePg0ed8rvI-JXXUiLN4wAYjMdE9HIx-fpsiuPvNC74K1-7PV_PDmdO54jGdWKHG4sR-9ew

Protocol

Server

142.250.64.66 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 30 Jun 2023 15:12:02 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGE2MDllNjUtZjJhMi02ZTQ5LTU5YmEtMzZhZTcxOTQ3Zjk1
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

um
sync.teads.tv/ Frame 779D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEAsyjuQF7iJmtjiA2SF8_kA&google_cver=1

23 B
279 B

201ms
96ms

Image
image/gif

23.52.160.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEAsyjuQF7iJmtjiA2SF8_kA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj23MHfATAB&v=APEucNVFrRipAFQJRrrA_ipDiJePePg0ed8rvI-JXXUiLN4wAYjMdE9HIx-fpsiuPvNC74K1-7PV_PDmdO54jGdWKHG4sR-9ew
Protocol: H2
Server: 23.52.160.7 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-160-7.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Fri, 30 Jun 2023 15:12:03 GMT
pragma: no-cache
date: Fri, 30 Jun 2023 15:12:03 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEAsyjuQF7iJmtjiA2SF8_kA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 779D
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=N2FiNGY0MGMtODg3YS00NTk3LWEzMjItNzFhZDBmOTJmZjI1

170 B
188 B

69ms
68ms

Image
image/png

142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=N2FiNGY0MGMtODg3YS00NTk3LWEzMjItNzFhZDBmOTJmZjI1

Requested by

Protocol

Server

142.250.64.66 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:03 GMT
server: akka-http/10.2.10
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=N2FiNGY0MGMtODg3YS00NTk3LWEzMjItNzFhZDBmOTJmZjI1
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Fri, 30 Jun 2023 15:12:03 GMT

GET
H3

200

setuid
u.4dex.io/ Frame C89C
Redirect Chain

https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LJIPQAMP-Z-B9FL
https://u.4dex.io/setuid?bidder=rubicon&uid=LJIPQAMP-Z-B9FL

0
15 B

111ms
107ms

Image
text/plain

34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=rubicon&uid=LJIPQAMP-Z-B9FL
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol: H3
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://u.4dex.io/setuid?bidder=rubicon&uid=LJIPQAMP-Z-B9FL
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b2a5c63b17f16a8024ffc6259157eaa8
Expires: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5502 0
20 B 63ms
62ms Ping
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9495308035499&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5502 0
20 B 62ms
61ms Ping
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9495308035499&version=m202301230201&ct=76&x=1&cor=1405930076806379500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5502 76 KB
35 KB 85ms
84ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AgXhNadO5dfxOVphIKUJw5fIcvKdbkfPwvtq4B6pRoI0JIvv4JGQtqmyne0s8i8HKZk6A9MfWpVB0Lp8BMhEjIqpDyzg&cry=1&dbm_d=AKAmf-APRZ3DYpEVDiRC7t8bWOhDpGdvwtumW5v-VpJs9xBJp3w3_g_LFsItO6SMI2dkTB42oK5f2yjLuMJBy5a8-04jTwcPwIUPEYgkPc7aiHag8oILgbQOq2GSOqbcztm2wTGANTgHuHorGGnOMVhLz652RTuX2mPqKxMPxwfyY5HrwF2tkQlqORKnlE_ltHDusyznc-FfBmssr_076Rm3MV8QI5Glph9HIN2Qef3B2jQIDO6afSBN1-lXSIt8SSrAyiSZHWIIXkjUD-R453P4Zryz9WVWcLkbQXKWjIeYarUE5iyet3-nJN9Fj2_nWkUKPV8vIfel23HzsojVu_xzbxynLqISQ4tQ8thwnS8IbhkVxLAzeytiDh8hMPmJsfCQAJKEPvjyXo7WGZz7S1fcwnRR2yFPbrZ76FXu7p7agf6UYabAYiXFbnEdpZfKeqwAaoBMUiEmZVoqt66Y2wdi4hd_2immnwiEX5oBlJKDJyxWDO5O9xpgxxS2BeiTOD3AnDKGaTtjbkakrmgh1TrzV7AYf-kHepWku-qoszLW2HzVjdHxXc4QtTkDT2l3MxQ2AiD3FpO3e3IKHZr39ivyGX7sAMOUFnNDVE7MWWoouMeXpPGUBGEaqikM3oHc-ggb2a07JqeRU9WsI1CBbw14HK21oXVkgPb4NJig-KFVPSZRhAifn6gUs4YmB_7UF14UaBvDIeKaKNz8GC_dhmXH4qaaafa1ZZeydjJaK6fg_B08v72Zzt-hnADmH5wPNwVaFywvJQS7FbxrMTJp1OtXnSf4Isa2JUra7LAQAn-esYc8RYSFO2Azvb7cih7_1kXejKRNttkDSbkxTT3KxBSb-IiOxbXB4T3XZP3V9BBWAb09_kb9ZE1Y9gJCrYQZu2J3-Z504NB4C2Vnt2gnU-g8EaXhlx6ppQ7_nB3thx22Cv-zxhhWh3Xmwoz0SDoPJMd5CpvWWXVd7GxPbclR8ldRz3XKrZI2mmLg7h6PNRuS2OL8nH8o_U9LkuOKDsb_b2kpuPH84oQ0Zjb1LEQC2M3Tz1_-KFXzsGzsGIOFmhe-SezOJU79_M5Xv0wJOfepewtwTgd1ac8rH6dBplTEtc8xd4Jlm9ex30aVj0MVPVL25YMlp84a2IWV9OiL6zAoDee777V__3_w19Y4TSAWyNhhU3C9ijiZzj7ZyJ19hP4y5xAT9ZuweOfR3IMhzRq4bCOMYGFQT3XRudnfTcZCvLK0YZoaSfTktvEPJqyl3D0XKyGYmvfmaHR2dMa7GXG3NeekQWsgGxzwYOpjr895l99B3I2Tp7pchYDg3K94bsu6qxmYzE0EMjwAhJRGup8ZWU63xQlucG3JNix1zofQqjRhQnSzXD967EchG8BWdDyYfmmVMV2fGVuxrfzKzhZgugJs6fKTBLmeNVOaYDtJEpkkLISsM2BXDzIY7o7MHgBrp1mR1yp8fHihHe3PCWzh_IZJkll5wgpnYcF6xGyURo6b3Jn4oBeEOObRy05QbFkmUM0C-YnXodUN545SE27tN-Y0HYpmsCvDSffV1E58YnF9iCzTOQqYs4RsPMLLyf5DtvSm6vn74YqH08X_SDEIqnfqLPwjj_5Z2fSXPxh5FHHuhQZJsI5UdQejIqiTB9FFGwJ-mV5irFhmJRdHP6xo3E75eYdgJDtwJfiaJkbvcJYvEJKMOnSdVx47O_WRe5CCmw7hI7vAxiVMigeTVWzqpyO--Gu87ngW4aWQVyK0KB-rP_miLgKYUFO5HDERplRY2_bgsjEUNIkvmImBzpeS_j7HZ7CUVmLuN_qTFio1mjc9fSOrSXYObtPOBdJL_HCvYQSG4teL6BShH3OK3NTPSnNP1kt7BeFj5HZtrAEdZ_n2m1cHW21PV0hsB1Rma4CCaWjk-1FTmmaklvCzvLTeSWJxL9Fkh0QfcTCW0vqj3CSPTgKNNtj_VqV3ZN31Z61xka-_sk7hMNslg8gGVYgs2Hs3ciOkDmaxzbsr6hwjPlCCuAx5Vo7th1iu9G8zffWG25bqLyxtWtSX3C6EvYtlSstJUgVgo11n80S-vd5E33WbY1_vc6gIxw24T-3mzotk-O58E31WvmL3llNFY1cVaalJp1h_32dF2d9lblnk3kiP30QZxybZDeHJCGPentaJqxQVI8zATIbJaRZI2e43bwfC96yRQJJMGKDrzOsSamQcQ0OEAQzuCf5ODnxJfblgXXQaKry48YSYvhHcSS9xsWELBuawt_6hBgtGeLRPcvJyobDlv3CZYfjhBEnhDXDodMme3WBPbcGmvtiMxlLEtlfYzNbkImtMhtPTTf7if2ccrFF9gIzBybMjiTQlYa5u2Gq_lqR97B6j5Oswjmru6uc1YXezcwaQPOyZvR-XDlS09str5P7HiujaPJ7S6tuYCNqDk1PgqOlx1E-rhf6_n0s5MwrdhY-xNUcdmPWbiM3QAZQPlxeVK9vo5lO7jUg2gdFMZ9LfEO98yGVpj0W84AV7QzZA8x7JzTbPOsUEBHvSmCbDyeN_7H5zH5dHWyPIJHjNfWhwREQwAEQbYpz0qu2Lx734oCE3BQG5pgC6HtX7L_jziGzBNvjsawVdUDJ0ly8chcHillZnP460U-Gc21lU1bzcz6qen7kGheHbq9LU2HHOJoFiHRfA0WBYphnMTJCgI8X3FTar93T1EUIO8R-nZtzxspPFFncd30PNpd1yEpOqgFMrZ_8UJxFlx24ikSVxEHFiSKGsW0EIJvo85qY7JqRDKZ_-mfPB3xVvePYLqLY_qKs0CFj-6jbHdscrd4fvEYDhD1bO0EGOg_83JC-zPa1F_sfQ-a_-6tertwb-lPw7BqzOwoiVJd-SlsnzdCtjHtTddnXaYVdlSx8TgFkyfPG-kkLHJkKTwrn1d8O0YDU5qeRbCWf4noAzLtv2VR4yliQSSjP3jmlbbUyNX58bv19wivAqAfXFXHVYmPrXLRWsQu1xNUppvDKSNzVs8Qstdmr-ZEabU6PoV7z6Idxxu4BUcfRHnwYOGjXTn3bYunxuWp9cw5cglnp_jjBJrCoWAD93xAgTUguS-LQc9XyUkMPI95dT-QFXYawgfK5lwwDFxLIr3cVaNwUxYU2PWmm1QZGcW6J5W7tZY_pmLftr0FtafNXD_Ov0ZU1m37_-y2xjGHWh31YbZnHQXrP4Zg_tAaNHdLY0s4RJNlgHZBu7UEx2QfyjbX31o229ScJjUQchrg0OMopwIJR5XsIC9XSz7AVUWMP4j-1ZdTqDEBD2B8NfMoeLhOTzNZKwQwSc14W4SfIpZI8UihcWWcHSFufQ9J6qmV34yQxD22gnBlXCsK1B6JVdk2QGBkRDv_JMNX5c8-AY0ML_-NP5GfNXoIfXLMdW__QOU-Eo1zkbZC-FzNKtzuBcnZPiyCG1a5w6AX3lNodeOGN4GZEOvfeVhxqVPNfAvhNQdYObE1USAXI6Xr-Aa8JgZ0layuwF5l5pYIhi3Uwfw9tuUu-G4HM9vhFh9ioexlqO1f914dEwPGHi43DoRUHj&cid=CAQSTABygQiD-f6B86V-berF-lygsRP9mMcV6coNiSuzI0ADf3Aq6AS9Gm04pkNbjaH1Zk-t7F_fJ-CLbAlxO-dKFxvhePHn01QnI3PiD1oYAQ&dv3_ver=m202301230201&rfl=http%3A%2F%2Fcrescent-star.jugem.jp%2F&ds=l&xdt=1&iif=1&cor=1405930076806379500&adk=2975593758&idt=209&cac=0&dtd=311

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e4b004ecb569471e8b354ea39475e850c8773931c8bdaca87015ef92c3e386b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36082
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

setuid
u.4dex.io/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZJ7wv7M16opIMKMsIAK4KAAADvQAAAAB

0
15 B

110ms
107ms

Image
text/plain

34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=indexexchange&uid=ZJ7wv7M16opIMKMsIAK4KAAADvQAAAAB
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H3
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://u.4dex.io/setuid?bidder=indexexchange&uid=ZJ7wv7M16opIMKMsIAK4KAAADvQAAAAB
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 200 publishertag.prebid.132.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 147ms
42ms XHR
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.132.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:15:31 GMT
server: nginx
etag: W/"642e8db3-16298"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 01 Jul 2023 15:12:02 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BBC 0
20 B 70ms
69ms Ping
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2787939463416&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BBC 0
20 B 56ms
56ms Ping
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2787939463416&version=m202301230201&ct=76&x=1&cor=7814494757126585000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5BBC 76 KB
35 KB 89ms
88ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmhdfrNn0KzeYxgYiP-_p5odDulM6ZLOQLBo2_t-0CM0U_0KibgZHNekrBKHSaqxBnXedO6ydwKzJVQnrw82Bc8AZVgg&cry=1&dbm_d=AKAmf-DQE5dt_C-fsN-E2cNWlG9lLSv4Mh3ECAZVeQV5XNbhab3wYNLKqpOINbaqfPoPnAyls7o5Iks5Ks8aZY1Edq5dhis3YQGrZ-mbV09gYFHjnHC9kdmLy0KkngnuPhAK-R7mX9xw8DUUJP3w42GxambiP_Du27ZcB9OWdZ0tEH_xJGiBIvC1ISy7em9ZalUr8SCCkHmSnbOI7WWW7AWp_n6dpOxcTV8ePLguFjUnhgsJxEaEivW-KkKAvXjNXqOX_ihY14RhnEpBJi8eyyV1oOQq1IaKdoqI8hLIJHHb7-WWWVAw-L8ad4DDbgyG0pvWwEifIJfoijweBr-KWrwFxxc5Xw8mMXMB9pn3BiyazDnE2QiRfX7pmYq9FxUtcwgnBPlMKa5Bm49AFn8b2zsypiXjt6lvz1L3cArVt0ekeONfx7hWFLVKcDwWaInpHfEDcRa3rPIj1D70WOktRWjqSmtrps4nxftki1zUIIOI_mwfa9sMtKQDYVFHPlehDGE9xfoKWZCexlZ7KbBEvc0SLNUspv1HSU2X_9I0iODMhmCyVA6CthVQLaOc7aytoqb90co5Pg-OyfBs4WUS54tqiaxtSl-wHfRb2YKcRN2mWPj84kof2mzuNYYvg01ags8Dz8v1AUI5QGa0QWUV95y1K3vXexRmPFhlK9QC4Mzw5iUz-GMU4MXmAxLSA8GMCOQK8vnqq52He56Wsj8Y9ydnWfj7KH1G9gKwIzhVubblW2pvjiFu8v0AMyE_Z84m3briD8jNQyq7RDgxOfB5ZGsHb8CF_VdIgH-1DsYanQWdY8PhMF45Q13i_FGQEZwPzl8Xn9r6g6asJB8hrCLCeApjLxa37ZECognyz15OcW9JoRE3VcVt34hWUIgL1ZsyPyu6KACnmcM4DWcQ27RcsZZeeXeW3Vlh0mjLjdaHDwoJJrLGOi3eaHpfylUsW-FlMY2aDM-RnffeNa7Iw2hx4WurbWfyfoc6conEJeUl0uTWkJHL7Q7uBpW4_bjE2fwXfVp5oZGHxKPO4wrY8GBieijT8SYm3BXVX3igfl4sEzylzZqnBDTFGH3IWwFAASCFNpc7YDNSRTpM8bChS8yyk2s0le-6gbcnlrocZwzCloZBdoSkV-30s_8SALPGhKhPqeB_5Lc9kd6GwxJb2GtlfoPdjL-FQP-7biMwGfLZbUO8sqLi04RHMd7-nlmq3Su1Yx_eVCfZeMiH3cbJjMcCFAeDjiIY8mOMc50fuZN8tYcJVpFHE9eZlDHfvOVYNMbvqqVGyXVGjWGbmRdNli-0hApWYVxN_yat3Or7tJqz0-Y_J_7jqdfio8HLR_Bmxvoq5SlvoY8JJtWjJRRiYWrwyL0fK6xSB0Rcq7HXNqJMUKAuzbqXW0AvAyU5KSEoVeCOViX6qBt3XgaBCvhHYweHu-frr5txMGgeoe0EF7NjTbbkdpzXN9zwlRyrrksoc4aiObUqFkeKUfQmKOIh7Yu5dW4yrgHSuLPykc4_YGZHagOZdsWFTHRXL1yqfGbONDTKmtpmizuCSBDUy1gF8_dfvX8cDuF-Zz-SS9RewS9vGCGXhsuYWzFKI2SMacebgNd6qhQKSpgQtS6oAXZiaagXOCYd0hBm-ze9neA7TgN7uNb7_3X-0sHWfFL7mnSFHM7cz2BVZRKrAZv3qI9DpkfjtGqjRCaYxIRFjiM2aiqp4uPt1RxkZ3rVMnvzvmOB76Zz7Ziqt02tw33rI2QJJe__1nlpvXTkzwg_oLa4c0QHjtnDsB6NfhSgYTNM5oyLfIN1V9utD8pS8_5x4sxoa1h8GGwXBWmLRdgl7GUiNR3K8a1ALpudmJtkMZ9y4EO2tRok4FvfR5wfffnLZrFEIMY4LmgNHK_-0vagqqH3UXfdXNIx69z_AJ2vBGWPeN6xVAwfz0jfIsVow3u7X7vcAtv6_F5k9jH_hMAmSC8C7Rh0CDAXNXzz3vlqcOuvSvNY8-QLoshQIU35qhz0IAJqjMgBJJB5f7-RBoClJ7Ar1GWJlMTbEyP3HF8ppPZR1U6c5Z3ZBGgN4BITNoN73FOQy-qba8frculKDU-nwVqN8-1oof22EVvYXvQhlP7sxA3_53Y9ODIrdG0l1251U7FR5vR1Ek0DCZTWg4YC_nB8KIahGuEtp5-Q1-kIhFgwwdQu3iicj_2d5l38h2cRqit9gWxdlS1GxW7tBZHkbAYBa0vB3F8P2o0sFHOo6hxieWErVv0ydntFMrmLi_E4WeMLYS6viRdz9nGpo8eaMzJRNxGUFrNttpbo5HorSen22xa6wLZT3T0_vvuuVlKr_BboY3IkbgmIG1pvZ0jpLEzoMn_wLGn57Pr7BjXhMCZcutLj4VHrCPUsunb5aWyUS5JD3PrU8sejSZXR3AomJibcSgGk9OQFs6QoOI-gGbuS-odxOKMfZOE80qNe96_hn2AYUwnp1icpN5AhNWkXNmhB2wEJljWu3TJWTcO8me_DlGhjjKQZ8zPjT75lAAkbCJkw9sNKAwtPDQBrVp72SzXb-fOkncbKhcnmWwbw3yo1U9PqAPcej9UqVQ0dAk9n7X9ZdHPRz2eaNAttLw_9dsZ11ej5W2ovYtSUvo_wy-WoYpsSE_5RD8XA3apUFJYNNKqxdLDwf1sq6bocc6iXZ0O3kftwAjY2hgBCt6km8youPyNetH6QAtmk3yf4YMlrtc6U6b4pCR6zbU7ShkTJjFn6dK4WMe67GePbBEXO6w3qx44NmpRKXv6gnS60QswWypllXflWRJVqsYyv-UBm0MTQjpkY5V6pI8BUHVnhhWPiPz3jpi6g2rYLUfYMFaNMgLkSx7YaKv9U7Q1npAvVtfqR-1KRhyJG9khDzXFsnnCNwIOzDEXuCfrsyRiptgCAnteWQPxuYCCQC8YymJzRP9pOChx3uo-oLrSxg9dqfz9VvsD8C9-TPw-JIvQr6PLEGeqbcJsMUiLnihQub7c8RSaNlAcDz5-LqZs_a4bwVQs5EZKkbArNdXT_ixlHy9PtUs-Qy7YbO6eSCD41Xu7qRgrRM7MeleGnDrbK8L-X-L-82H_aLdqXe5pwV_v8vC0YyjevG0Irp1W6XHKPi00m-1b3XA5ceCfKje6r5ErKB0TfpCHG7Zn0cCAM49levzNxoGoBd2TMIbLm77NCpaZry4GA9NyKsdI5UaFAeM-C3GVBfd1fAb4D8XhkHbG743lraXQI0pAn2hmhhQS8-iFTqdsPSWTTqXVVqqBc5QIvRmKpPhkoCBPLokIFAx5BbdzOSADd5S782N6Gt58GKbkv5si-DGKVsbcXca8mShTYxW89m2qsXiCeiMEbG08sC5pp1KdoOXzbnjbyvNNy5pfC_ntNoy8nV8ObvcrolyOmEIyNOvopneApZq4bmNVIJsU-vC_gXkBH7Sxdyw8dfVKNMYq4d8HnAoOJ6-m8mpwVGNLNj389GaCKSgFohbjqthW21DLqXBIbx1uYo4Nwy8z6nrU1rXlx4o7r4Wlbx5CZHIHkosfS6JVRqBbykcxxe6od&cid=CAQSTABygQiD-f6B86V-berF-lygsRP9mMcV6coNiSuzI0ADf3Aq6AS9Gm04pkNbjaH1Zk-t7F_fJ-CLbAlxO-dKFxvhePHn01QnI3PiD1oYAQ&dv3_ver=m202301230201&rfl=http%3A%2F%2Fcrescent-star.jugem.jp%2F&ds=l&xdt=1&iif=1&cor=7814494757126585000&adk=72288713&idt=301&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c62daba51ca1e0dd58da62cba0699ca30609e175508ab0ec79d0c906a7eb3c7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36151
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AE3 0
20 B 61ms
61ms Ping
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6532969116824&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AE3 0
20 B 78ms
78ms Ping
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6532969116824&version=m202301230201&ct=76&x=1&cor=15188030865402540000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3AE3 76 KB
35 KB 100ms
99ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DFeyuWHXi9s4gDFzpabZU-HD2xMQA2_zJQERMmZYM9B6mclu6r4r9O1Ktlmy5Jk6cYiC2-GTXrz0P_HlKZKgJN4FzHig&cry=1&dbm_d=AKAmf-D8wJloZ849lV3V0BMSI-rUh1z1DDeFsXboXaLVwid-kCcH0Y0tQPpBLNM7iRSUxB7olOtZUv51-Z2T0iejwo3xyvE0NGx1CB7eo5u8XutYIwICYhM0Vn3uYwMJ5AfRD_4e-R5iD83zBBohYV1Meayhiiw0YWsrGw1qOTSQ1ZNNyUmDEL3YUkssnjmY5C9gcMTKEe0-nFlyZNzarAEJqfgRV1oFiGyzQBexUdyrlcemScswnZWAkApsD7QZi7LgCs2wbOKOXUg2crrs685dqvxz8HcgFx1dpxMrWAN_naxQ0YRdd8Ldg6-s3-eTPQlsdkLBW3-HYwbT1VZT3rDHQUljatM0W-ygDZGflfBAh0f2ncX6qOPAOR5IPPDu48-jCNPU16jzbhFikwyftgVvWNiEMOZfGGGmq8SPPd2psEHsvpZ9b3wSjZ7UHBA6dzpSgjDomlUHo8ZHtL3JzORwWpftzEQG_W6P2DEEm_V7f_jIfvN7hK9P7lTpYkBEY8782v233QhDEbctjXU2kSPTL_MkpYbJqnu0Np5zg1G24RpK_cnbdKaWV6M25Wf78HuTtSHsVaB1-uem_ckyGYxkqNW2-wGzLqPSu4Oo0QhZtqImgwFc6wFJmJCXLmSRaedsTNb5-HbpI04HcEbvTPdbTv2LfyxJ7w4qCpgjIjSCiBkerEnS1pSYvPl7y1xZqTkKuLelgmgIj10NDk-OtjGOSSRePCrfXnRDEbo2iXvrPdIZkaiZUJfyRekud0xJ5QQRtLAOgrlQxDqFP3zr8V0_x8jERutSaqJ9LnK6cP-hNIjpOQgpkN-f7NAb2rM3cxFAO6GSjE_mNapBTcNwuySLazAtK6wLMlOYf9gvo1wsAEfSsca09NfOyhvJDmpcOHJeHgZ5FtzZj2VFwc4iSnISzaPzRf531CzZM2pRo-DHdeigCEHwbU7RaxjCnVDcAGUNL8L37TZLnaafPyrm6j7sGKU0PszkZr6j-8SNLUPgt2bowvOcSHXauG_kKZItZBGaGhwLI-lWJTiMQx1Kqr9XCButM4h6LrMp5Y9me53XlzVDaI8VR5hi6WOxVXUYoUjSoApLGWrGA_x-XayYa8mwPYnL_31_-GMUM1toNp3ok8_oziSH6uK_WXMNSf95z8Bzd90byihvjU0peM_GXi_RHVR9l6lxCH78e9ZaX5vO9g3zvBYM3m5t5eZCkGKueIHQnjk5cQdmr3NWC8XGjdi1WW-T6Y7BM-3AWFjYMJ7hB6Iz3roGddVkHI8NoIRmxEn4rxtUEZDnFqiHPBSTemDG-CfyqliL5r37nrbDr33J-_hlD8jCHyi9SPW7_0fVxM3PSjC5KeNUB-Z1PMtzD6QutbQKTK-RXpmVJeAbou30AB46cb0jMle30sjY5DtFA7_FP7cWQTis5D5_yMBAr6evXZ7LZBvFxrb1M0EuRutjPsplxxD6bM0LVqF60OBF_ZRXLciakkAgwUASQfUiEtQEhLatNTCD24LX8jWR-P5fLcbeiXDHnpkYpd1S5-TxQ7HXfhWbGsSFHBlwK14BiiWx6G71xvSc-5mwx7W8Vy9fOJRJz2uB4sLsIOkbgDGCDTloVDrkhLvYIM8PH8nBRCgHaCUB3_d2ImFhKERvhffNPEjdSBPk_0DpBmuvUtZduzV5VAWSmdl8R0LVNgaDT6wq5AhmZu11cG47ORaW_7SwFEpgICuYYc--vstvGpuvYk1jGrh58AEdqruZFBeFD7fKpSnJ3o1TYhleMszYcv2bDNFgTlJ3rrbbY-Ybmc4H2aLwDTClcJrXnrOdO69QB1wfwDzcL6Q3qroyXM4sAsiek0Z2WuLVCjHsKLx9pK591NLiJ0lrBxbtjoMKWFUba-MfOEPzdJa_kaaTF0Gg0zfKmp1c9RmBa_C__tnFy8lhBcBlitcZYj6WlTF0GvxjS34sFhAs8x88fwpBa1s4ivVUTCioUSI01CBhhG7heeEN2MqZa1KickB-eM_i6IvXv5234xOne_qc0nTw6k5dsCJnYP1DoSh_ZbXFL68I5Or08TYaiAGiXrURV4oeoG22sx_hCHwCRAP6IRsuTHhqYRXno0sxccZ3D1pq8DGL0lrIEBMeDmsCe0NKrzxSmtgr3mhxEW5emGKNAteP0BqRix5GijEkt9dcQrWAvLjtcENBudgreOjg7ACq-e0XkEDgQXE6eGhwKPYjHzwlCDq9B8FOv-xNa_Sr3e7GjR-YlpKMMtzVdnQ70ewvQC_hzo8wqwuh-orlv5AF_eZBmcW4UsaWsnBWYkqYSjEXrldq_c0P6Ibuq58o3w8QaO8tbiSFagv7nkIeEVWBt-4kRpseZoESmNvOnNeSZWoOHCZn-HIA21UQA8Z6JLh3MiZ6E5hk8p1YcARLxbhbrny8Jbl14JRT3RDmpKmiDK6GctLarmq5vBcZK4wHCr2XZkrGwt_YSU2xsjFdhxcjYluS-TcTMeaO042VmXia1hCjtO6M0KoJiV1J7ZnUQtsQNu4ApDG1LhvtSdEKU_6ATQHAg0RedH452eGIkz0mHwOhJTKdwYfziBzrzPhxb070GfiUf5EwPF9u4Fh2gf6IC9XNXHfXHBRiVRYH1mrm7dYXornJEfmsPdbDPaeh-FvBaMh90ZpaSPWi75nwCWvmTMxn3R_01PFm6IcNIehJHPfjOxUVkYdfrlykzfmdlcUaZdYxyvWCjJN7QkFAswy3rdkpCmzjfEnQgj1jjzEBY1V4z7KUgbGgLsAg5nPxYahsXpUkOvwnZp3Eb3zNyWkUfB5nrI_w-bQeelx_Dg6zRiwtG5TuG71hER9HFlY65_0zQ5TnCcf2lEM285UiB6_HM_P-RauQxslTP_VQ-qsFqUaFjZUxC5XGTKxFurJe_ux6A4lb7hqDVof2So10KcKxrHhLd8QxAFim-kPBSWbR3F_e7BzvqNdhT8rexgy6lUFGc2V1mYUywk9eCBHahuRe0ntoTGN_ad4aHZx7Yz3sbSo0PULXu2eWKP67Jb9uT_e8o5BJUHljOCU1Gm629h14s8yNYh1S6-Hxr4qa6N4NPzvnq6CnMrG6-Pu6zsDNIbotrLX0f1lr76IsUS7SasWrtvNr5OHgO31R8aHldF0F7gcgJQs0CxQS0GNSvY2O4iYJJL8Kc1m4JQWKNRnfkybmxap2ZMsiPPKLBMFilpwgDF86D9RTRxbMGH95utSi8xlo0Gbm-9g2XXdDu0QErgQEYftbfhgwCLuvG8va70zgeVVk94K1goNOVt9jyDL0jtBZDt6ysNl24H08E4wG6IBTiZEvRTadugvAQ22siA5djQUKdaa-D0MU76u2BMilGoXQWoqEi839mQcCZ-jBYFuDP4hHhw_I4V_ndE1ty4TsIGG-7cIiDSdQ-kzurs5ca2sKEEf4JmEKvtPYOV1y_QbdE-bcC_WHmdEQvgKBVSG2_8L5S9J0Etxm7sUrxJw96BONUb_ED6yn73fTTaSIpC1ylSVlbW2pidzbrgDyn4bPkCMWdow-f8_5pwt7A_3k2BdP&cid=CAQSTABygQiD-f6B86V-berF-lygsRP9mMcV6coNiSuzI0ADf3Aq6AS9Gm04pkNbjaH1Zk-t7F_fJ-CLbAlxO-dKFxvhePHn01QnI3PiD1oYAQ&dv3_ver=m202301230201&rfl=http%3A%2F%2Fcrescent-star.jugem.jp%2F&ds=l&xdt=1&iif=1&cor=15188030865402540000&adk=2742791599&idt=237&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b52e21da1da0eeeb699c0e0fcba879602d64f76a1e752cee2cbbdebf25643c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35970
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 6C47 0
128 B 32ms
31ms Script
text/plain 162.248.18.34
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:02 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFE2 0
20 B 62ms
62ms Ping
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=469286437283&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFE2 0
20 B 63ms
63ms Ping
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=469286437283&version=m202301230201&ct=76&x=1&cor=3162322353430363000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FFE2 76 KB
35 KB 150ms
113ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APAsnmhvpZKDSbs-e396z5p2NwFkn_UytsuAlJRxv7Gvguqs_souunWjhf8vqsfMipdloCBxV8Qfv9914JXquGn7dJUQ&cry=1&dbm_d=AKAmf-CaQn6lTD3zwCKR7K3ahhU2OvpGp_tWISLRpSydUsQfB9CIsUad0_oFRVEBf3ffIqk8JEEn3UjH1Q271zMV5WBtov7bLsaYN9o9ptsFeq8wyezQxGa0svgYMHQHIbfWISTQ-k31_q4vCNwP1fQqAanhAJxbLjH1Aql-SG4yTy4zYNjTzfzVK-IbxdpxDcZXX1BhISTPAmIV66wO92TVzoDWRXOoUrCJvehwCKdisUZdDT--0aw0wr-aJKef2wwfQQnOfb9_ADYV12iCU3ZtBNwB8bvwD7yqsRynAdGdm_WjCAvHr3r2sdAfWxfrp2LItTOpC9gTde_JwrQ_9UxG0gVSKCE80YBSxl1ZGRVPfKrp_3u_SderI1uukTLYXmmtYS0zO9Cx5eqqtQS9_3Eqi7zJOFmPaCDBiCxo0pHSdp7qIWUOQ_JGKD2_7FJ0HiD3AZeQt-ZCaqVEXi_zMfNt0p9BvFPVUV7WvfgSLr82OdFQ6weMmj5Z47mkxy3eqRxx_8lz3VkrzrE4SbDC1sHYfBC1fsm_M_Kt1sSWFz9a7jVOnUnltdek55Ghx8Q6VWx3nL9eFJGiYtyfpZwOAGsdm8xzhJ9w-B5WtBzYxGphrKlwHTGjkOlCOF9J5ATct_uqu7KAieiOjyx5uCLGj7yEehxb4bGthld8PQxnxKE3b3AUr0seh_95b1GbjSxH0vuZxWfXACIDF3apZFtwEyVXesRXh9LwA5L6TA94krZ8pDazvsaxtH4PIfAHiBt9MJZ3bRiRy56tGASfR5mz4huBNlI9srA7eZc_BGqx5ulZkIe-GGOHP-XWVJFiXPbt1i5XuhGaohv-sH7PU31k17jN6jkwRdF2xGUI_LzsiHqnXt3yh9_NKugf_-IaVI5DDqRDB3V5L9iKNM0sCLXIGoa8sDyKpBy8T0np-hRErI_Rp7QrrxPjSuhlU_G51PkyRUx93RAVL0uokSJrBRi1czohoiNaV29IckhjkA9X365FM_PJ2OeY2AMhMnaUe1ez0PcDZ3X1Ugh7nXWfwEMLaM_DfcYzWBSQwcNbfs7xscPkkoqO8I6Qew6hHtTnfNFq-RUHZnXocrXIpeXeVpZBlYm-TiSD8kSxB7QMUPcwXVMKt-Ev6LhUfFUVZHsiiMuGIYaJvNLgOFAgSbqi2BLkN5XQP365KmoO88OlpUeBZX1ONCyYgfcoe4EbRJMFLpqQcN_-I44xGfEpnISgsZ2albcvumDEMWLMU0JPGtNxsx6kt1W7ZasIpPtp85p8-etJX9HPoKxiNZNaMaezCvyrcOTbZSF1tzCzbJt9UEStPEBlVa9NjGWnCZ3ovP6hGY7Am_fj8B1uYbPKUyXqXkgOl_ELPQOaSBikI6NJ-ORfVaatI-lMIH8vfVzskkV1bNhAkftEPU1P3vDkVFg5CqlNBx4Znrw-hrU6W-2f-d0huJ5U2hIJyOIKi2O9jxZ3smbwpJvWw4DueCcNB664rDW-w3kETUaaflHPoeWr1HbL4NzKQ1A0BW0ZMn1fAXOzNBvrIhiPzCKk1fNNQEc7TtWv06iMtnPwcieh1W2sc0Fhjw2q_Z7qqcNNkAOZcseji3E07M8BrFivXKGSzF8lcqeuM8Y7PU_oc4pKtEBRF0UcS-0Aq1c3dbSnofMHQYADHX4G831V5nnDSdPqqQlS2qSpqkGgFW_GFuxIrpvC40KSZUtpeMQRwlWqN7q9Yi8XVVkXAeFQaJWHppj7xGIHn0SVZ4-Y6GFFhSjW3v5muVLV6fBv-2MN1H5gSnEPNkUG61qB_KVKthFsPN05FiyjXzOvh7jWO9ScfTgHiWU35VtR21kr1dhQWsmi8rLAP-KTBc68vwWBhH6ic6HJc8wHgvIS7vwXEVHOwKlFcTx9Uw_1ykY-ot7EWUU5Sq0yAYrKBWUODr-BOPBvT9cp0fPRcw1mgu3-Dxd1VvaFVhFnuLSYZkObgZElOOtVAEHZzRXnEAzZA2kr6N53sdi6ttu_fLj9uGNp2ffW89JGwn4Nvp7UkPTUMGGHi115P1lYXuRWIoUxakabr-nPs0Lr0w81ze5oiI8mjNSUbR_sy8QNWYeXyNca8CkCx-4GuYWDi8GpQihXqsI3Cj766DGfsZuD5h-t_cFNoJ0xKaM2gcOKFE4JOCzBnyFagt5A4GygrzRt0QNYyL5dF8pYQCfozlYD2BPc-t3fDMcXS3SlEuLbl5HBQewy-b1mX5Ncd_CmtKIn3hzCsmMVzd06ECkke8yu09zL3pTaqI26NX2V1AFi0BpslMnyF1xX7q3Qpkow-uMw1EsSVlF0cJ4ENV-MYMk7GmjAhYkxblSQvDowEk2JYxBhuruRJJba3mlV0jGQ5kGuuD3m89tgyKQmujJsETCvqJlVmuLIfKshwo4v2HZK5eYf1zRt95SSL3GlHr_JLRneU0CQWUvKk6xiNfEnZc1pvcGiFX03fEE1oOW3bmdYYxkyTU8sPuZ23iqUE937XDqhMV0nickZ1GNqsIYZIRtyiLVEcBOO4JyT0RnfCVYkiUSHg5VKMjZZ2wFM0Y8AGeNOtSHpiMKxWKNJ-zjWyyQaHf_AT_w6dGsj2xMJNvvJxHMqWxf8p3lmRmT7ifCOT08CJqGPj2Z9cpm1XSKvyPFaWc05YHQ8ac2huoZVmwRumBl4xyawaTAEM01IMYoYmdLyDEd7XGzPpaod7PpF2ev4dXpgmc1qFZQqyw963cYXnwfuTz2vCmVIIyKUJKXdGMWr6TzPp1_9BXjTVH5PTAtRzd_CjKHilICVPTAkHUNDd4tnFXbnMG-MkJl7o-4S_ZPyXo2rHl3O3zQE8JX4yV391s_G2sKQjNluEcKdRmyY0kqGgYntfj36n5IAlYSUBJM56uKZOR6jtB8FVxf7uTDY6ub4Pz1N21EKh3bo9qJmFfcV0py-O6iAhrqfpnd1QR3-8hPo7zv97Dc48xozyLGjO-HhF1uNZngpbQyvZORhA3lZ0-P4CaKqvk-iZ3XD5vsNTUqPa9ZLLmOsodh8o5W2msbfR-DuKdqbjmXlAdJSYdlYnEpPXHCLwgIp32Fgr9lT7TWzzBxEZ-KE_3gW1Rup_rJNqQuHNBXtaq8vATAXbs9-Ya9g-6H0OCOzNiRy_714-1nGCknKaBG-3CHr3ccstouvTvndShWPbXMk6trbdISP_AwTYF6qfRXk3LSFsnslYFNkWub9GgkKXAskAoEVGUBFDWvtbX1AO9sFwxx6hgFWWaXNvxpFmVhAAftQG9J-4uFN43xrReR5zVqrxXQUcMz1oCVgbo7WY8X8J4V9hjV006lxD3sfYXSvuvLkZqmqRxB_3btoFswpMgsLzSyBaZD3jFR0467rl0uvx8PdP3hulMlA7kVs7nKWqH0qqztfBBUwnmIH8p7M4e9Ybm8dK4K3gD_InlIqs3AFebk3GQXDpHWcCMo6Hz1c9I2Cti5cpx5F4Wm6sOYEUvyaCNBWcmaulLjMxI6QnNRbNeWpFuJKuj-0n3eAimjkX11-2ajCQTA76lAkdZ44nzZd&cid=CAQSTABygQiD-f6B86V-berF-lygsRP9mMcV6coNiSuzI0ADf3Aq6AS9Gm04pkNbjaH1Zk-t7F_fJ-CLbAlxO-dKFxvhePHn01QnI3PiD1oYAQ&dv3_ver=m202301230201&rfl=http%3A%2F%2Fcrescent-star.jugem.jp%2F&ds=l&xdt=1&iif=1&cor=3162322353430363000&adk=1851774823&idt=294&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f4937c97a5ed5e1e1cf110efe55754fabad962dce76ea0459d3c01804cd5899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36215
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F099 0
20 B 85ms
60ms Ping
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4652324955546&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F099 0
20 B 81ms
56ms Ping
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4652324955546&version=m202301230201&ct=76&x=1&cor=13870621896178086000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F099 76 KB
35 KB 139ms
111ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQEkKeoSZCzWVLjCvkWH9SkqCYl7RntqGR1SC_mAsYXJRGuk81tifkYvzRIJA6lH9xtDmYxbBuScBY7S0XsLD2hJi69Q&cry=1&dbm_d=AKAmf-A44NiBtSX6NtUWcRCBbz6HfQQk1iROvx0QTU_kJ167FS1ROjRHJ9R4iMb8s23CKMe8X2YArZythtLl0zh9QmHoC5Y1F2AblLSi8kxUt9XSbR2_21i9Vo0p0PI-_LQzASfpuLx98-Dflsr6oeQjXJTlS0cymNjgzffybuJ3CpeErOK_M8z8h49wFcTZjFDoCRBmQ9KCP15xAxnwaxnW8HZ8IFHpLJSNCCj4yWRC6THjyxXgEBRDRLQTQx6avTLTy4RUdF2uVw-psBp6LOSgh6TUVft9qhp8zQG4NnZZ590ahttIVPmgwFxE_npp1wK9EulRZnLQHlS3V-IxW1soAQQSuDd7i9VMl3MIrFtZjrJuKOuoJq0CJTRmdpLQDE-HdytNQv0JceoO45ITGUfObxDaMzUwJgEOBeToun30xbIc37f_X2WzlKK3P9lxGekbVRNRWMKVLxLUAvPuuszI_GE8icfxOEVjlKo4nAhLLGCL1ZxhZqAVuEWVlzYrIBbaaK2ZJn8xu5yZW6jf3I5pcPWrtNCUaeyvy7g8ACC9tc2LnWt5oehXLW-QD-0VNybpERYZKcNoP-7YF_D6x3S-Qu3lPXGYYALDtO_IeUGtHhEk_oTt8nX_NnrSJisVVZnP5v09mV_eGLIlngCtW85E-FBz3kATlmKBiHTq_aLIi7pqRaei0BGa6-gwu5DwQIFaRVZ5MYIO93jRsXH9fLfn48AvB5KJ-4jOZ2oGUeWIrA8RkZ6eVDzPbiskRW7JESO1x9lIacP5zIM2L_337HGBPjHpTXz8OrfjJ1UCSS9HT5kZpxYdbd7w3o7c0upp3JX3Yp3ZytABFGCL_Qty-4tmtOUFTMWa5dujPDK70w53AhJX4YZpXLsrdl_BDVrJXw0ncsMXoQgeUGdemE3tBqyvlON6EGKDjXY_jZu-Z__lnaTPLCWERz1sJU2WjSq-poHgq4PccVvD70FdyCvtkioZr8CEj9kE2ngfOD9TCwFjZMiHzPCtE1Xll1A4gXFPPpq0ywPjkkq_UcLrZZnzlqMB3d4tgCM1c-kl-VRQ6AiR4mdAIzSTIacPzYP5F2oO1Kl7N8IUoAdnTfO1SRztOR8NjYUBSfAS-DzbVvTWkmjmVyNjnjjuGHyhbv4_1URV1AU2ixKo7oAPnVW8zEjb9bHFB4tmfmBdNFg7nsVaVW8mXVz0H5Qy_zPlprfEaWwbCfeVctpk8nqR0NO068kdg-PjYkOIf2E4JXgvKEeM04G9ZiJmwUvEEvVjNQjpx2g9FyMlkp_bBhB4bMxfe7l0EyQHLBSK19MbULuFPgOmCE5iNUbT7B9LGO17giv0C3RhQo0O2QaUzXj93__O_jzivg_gJU-gmBnC12kNmoVIkFPFEGOagqsQgKC3pPBSNVtUtuVxNKjX_6197SjBSqDMK5N45xw2vAM4I0pPC9_MJ_6Ynp-qado740SBJP3x6M_M5r2ECbO8LH8skdX-Lyr22O_RLLdn-CgN-Wyu6bnN2rq6rP2vtghTSGrMolDVlRejPbRBTA5VO0YlsNmTK3WUJEb7kpcrydd26JtGDaPrjM8IDj8vhJj6qs-d4eSCMsr0w5R6G7DSx9q59KiEPrvMk53Pqf7P88NIQJlxSLxKThG76xRRZ2InNCyQqQRubvBGc5mPrgNagkZV6St20iztigKHJSg4aw7sP7XOyZuTQ0FKzrLjN0n2yasnuW_bQE-UAKXJBsnPxyek9TiNm7UdKd98Hc3SKWnLuvyTU8jF2cahxgE4f8wlSdFEjTHxo9qmcvnKcjau9SxDgF_qnzny8NrQ0e46sBDel3G4lhjDoBVc7cYnpg7rH8Z923vQGJ0F0c-oDo38LVHtytk3CK1UNVQBUVlYFUOjNPYIigG_Rs3DNi9Y2ZM8NzasiK4uPSc7WVLqGpPwo7F5J4noPrWl_F0yWQJhTAiVsZ0Y7PgOXygEj0YytUhJ7ah3ohAH23-goEmVt9XOP1e1_Pk495h_A2yMlhyuMosSYUKADiXem1CLoMSNfElyuRhA43Eb9669ALBhMtuVo9Ug1FM2Mi7Su2FFZTvCw3Wz_tybT4t3RuCI9hDZk8l83F-L45s7e-1rJd2S6PGtTyFXnZDdb3hHXKLnrxIoudF-jfR6v6HlqaKEIbJYfiuL8Qc9totdyymQMci8ABIGo9Kx6VNJIZMHQOT4_4Umcum6Qfa1R1QtSq35-ySxW53ZgUhLpW1OG9uXgr5z5bcGAfBe2DuMFYSO-n-kI8sADcaOWtgiNo9CL7Rp9u2WNjZQefwa3y48bmtwlIiSlxVsTHHMvPPTvGNEqfzvEzgdRexubtditWl_ac4cyd0k0snEaNUsZvIV6tHM1ufi4GxcQO1lfLdhBMpjykYikeEklYfvTQYGqRrDG6ox6DIV2B5PbT_sZ05DAW2oAByaGOVPppowopEV3XTP4-qyE-a0In5_0Y7m5I_6gsGpD-V-6XYllmSQsZSTAsJKYAy3canPC8oSr2Vw1IvknLFqLWfzzK-AWjCAM_PlQOL7Dr4kAUqfhGzNxQwKNRZT4d6q6m8tRuoAf41jd5BhB1jhT4bRweOuwGoCYMCZhMWpi7PgEmghOhrHgeV6XpgMmlzYPv2qqs7O20NiJMFNrMD5j5yzJuI7xl9H9RUZFK5kvhsM2-nLqL-qz7doVoxMJX76sgvCbT4FTCIbGMMwpJTJJkCJtWBNx47QbG-c2DTMYoBtmQSOUkE56uEaMkCHC-TuyYWUY4brhBMaA_PCKPxogQFRAQPYlhbuFe5LkylWcsaDpegpqMjFcT3YTkAEpk064aRIIy6V_YBEXVmT5TYdX9I9IuH6CC0r1riHLgsVYs7X7ihQqnO2RQK4ExTuUhMDgVv22PNkBRCUoVynzKMT29cKJKmImJ7sTGWYN-VDktTOhMS22afhfq_xeAAwV34TTKZYhDdQQ4EQyI9Wz7sb7M0AojPD26FGdvP4rwZxNYAoORXdGJ5jQJ1miB0J1IOkD8o109Z7bgnoZXTIbkjo8RRrH3kPMvAXeDIajkgJWFf1jv2m1C4lHR0VWmosT-189zQ4XChraBdCoWJUHe7op-YR-UeywdedtnRkSu0TGIf7hDTd5MmdvPztdea3cQW_WcFOw2Ggt5jI6FdI8hqAe_PZkjUELvh4LPvKe0clxbgn2zHeNhmGHOqpt1FIuHAK3swoqk712sip4z-h2vENBgn375J0vYIDYqHUJeCEXPzL2Yfs9Xawqm-I_RsvqzQynzEvbJ_xXjOvMQFTgRPuw2hDkMtCOoH8mhrXp5Py8MRwurMtmG1b7n84hkqMeAEW9tTsNqwor4Es69J8_Q_8h7OLtWuFuKOOyWHvl6e-jWnouZiumGApsasrl9XWluWiZnymNSwfEYCeRyddyYTOuYGJYSS4Tn02cVPrgWAUk6ipWqew23uCZm36f7dKwLKSgUVWiYOjC2ZahNRdlzKFac210eEppwYMdn3V65c9WMTINj0TYCbdRH96E7FZEaD7XZQ4QA-e&cid=CAQSTABygQiD-f6B86V-berF-lygsRP9mMcV6coNiSuzI0ADf3Aq6AS9Gm04pkNbjaH1Zk-t7F_fJ-CLbAlxO-dKFxvhePHn01QnI3PiD1oYAQ&dv3_ver=m202301230201&rfl=http%3A%2F%2Fcrescent-star.jugem.jp%2F&ds=l&xdt=1&iif=1&cor=13870621896178086000&adk=238596429&idt=126&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9be520d25af5534792d91ee7e388923e6e5fa6bb189b872f77dda46c87dd5726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36009
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E00B 0
20 B 72ms
66ms Ping
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8011252859361&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E00B 0
20 B 60ms
54ms Ping
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8011252859361&version=m202301230201&ct=76&x=1&cor=5559511400978608000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E00B 77 KB
36 KB 130ms
120ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3ziGrHQhCwLJQC91YCW53USpyprA0yTbhNPwi2ucE68I8dxBX2VMWgjMsxrRDs6Uee3a0r0L5l-T8g85iN5_fuRrvmQ&cry=1&dbm_d=AKAmf-AYNQYG8IYcy47bgFlIF8GuFD1Y4ew391S2TD6Ds49g-PZ6lYsFLNGvESwYrFwhU1F-LVNKhh3NjDqx39NlgzUR8jEu2Iesdlnv4MV3u-9Y203ub13c3SwJiF43R1n7tbWgwqu8V5UyRvExrseY1O94Iw3dauLry-_18wIqkhQ71LKG6ZXKvdtqrfplzoq0v0Wg7KJQV7-5GnDgjwYGJb0MsLtdaDwP4H8PAeHI3fRhMYKP4b8YTEJzJs7NE7Dpj_whoTTZD_8jRshuYwF2GMIh7wRBTlkf68cq4J9n2deobEiZyoclGlhHs2kmj-_aovVJHfbUvT6MEa4NLfaDhI5qd0zEmTPzqyHP69754Bb0lEOih8Zw7ekSyYBRruoDgQrTr2wE_wv9eEvCur1oSKRub91Ng68y9KWth5wFLXVlPmNtPqP0iE5JJf4BGueCsg-NdpxnFtqa1lbU1k7VZuvI0GOQgoLxvbuM_qcjI3HX9CPD4iokXTP6-tuf_lTZv6QOw08aa1Rh5X8h0TrtRkOtDNSUIDiQjf6FNC7eLjg50RHVCXEeEZU0wMnRjBtLxD4W2R0Tf9X7rDc-QZ2PFysGbMwl7LZi-eUqEczfRIIRidNeOmqz_o9FzjCOC-xlQfBiTdqobIkjUQkQtTxjth4oQ714AoxmghfavLiDiYAS1yBY9ZR8Vo-dO6nNeandYko4YcDkR6yd8862_uvGrDtR9JMNwDzwPmbdzOfmoa0y82ZcmWu6AFdeoEztPIdjUnCW2t8iF02XbJkc3xgcI3R7mSnKJcGOBjq6szT6CJQggYQ8BGrLaxNEUAjSRCWWD9KGg7p_yaVoCEkK4NWrHJoLrAoaBWovHXr9W7L_SZ6yRqDbRbaWeov5g3tJE-Gyd2uZi5-nvFXe_8me5rdmowjmk9U2tlniKLhSmZbtv0l4roUjBSvB28Y7NU7gafxTy6iXYI9TvDeRQCbXeYPRyEdV5q14foAkKFzSVQSnUfA9jwRy4aVeIYSTR08TrluUysQ-XNZcR_iHVD__qV8rHYXfHU7zsQlq0BlTI4BEt1QfPj8E00OQ52otQTFZZjWbXMKpSa13g8aLOutC8eBAJLdHpCFi7Tjb3DJTUc_63KfA10HQqVupoz94bfzZf3nXZUxTGSwrai-EhXNuWdDkFiJ5oQM2uJFJFnunck_CcRYNIAQtNVMMy7ua_aMvB8A3VZ41P1wIy7eL-HpMh2gTTjtYTyUztA6DXEOKnG3pRTBHdtDlVUBmmB8enKoF5rHEw7-DOCrPa4tVMsOX5wso_xUWl8R3dPk_7OtryLA65t4VFzTxUtapk3Rb1wEOaIJCJIRavf31lZDWTmlW6g2vmbqIYNXOdR56vlBsKJi1IyjJUC2mXytAMHGlckZ1vtCkxsdjQW5ec1yOd8zKOYP7-zjItfbodTpQ2s7TygumtjKs2b04XFmi3E22jhciJni7kBv_S52xQsZi4i6BLlH29y90rJTv_1QxOGoQ10knhplXLlbGeDsEWMi3CzdaStLztqtAIRzuDjs-LnQFtot5UHSpySlO37JkWparzvUFt2iu2p9HF6hOUflJJifrLuqOX21qe2wF5Z6DWr2ROtLaf8qInOfpXh_5814pUZcJXBlpqcgD4PUjyVze-vMB_Bpr3ISQIZIdjxjW3vfjjA1lOKdKuUR1WpBRyeoRiOtfWZwNXYN5jThUgoOP-7w79ehf0Dyu6hPDa4SIiKrqiCNL1ViYtSsaojyyZ3qgs9MJRLxixjYgoBFN6HAJrEa_uO11KyhSMGojukJOeTY1U5nM1NURMvzsrpvJEeX99XYEMqliJ_zcHiv8saJVENQS9lehZcXrTFiAnPZaiPA2Wd86ogAQMDW7PJ4KFbqIwrPkpUUjToR2uY2VLmijzizGjbrpAMRvY5O0kjrOQnmwk-iP5_y1yFimx3eXqJSCIc6kHlGFHeUFFR1mJCM4xe6UkIohxc4rbm_zd9074NbhsMip_Zo6QTb8wyff9lB37LAnqeSKwLBEZkBX09t6dOVniNkNRJEx_0MMgVTnyhhiw26UO9gucJLeve26ibY1NhI393ce5oJT_XHwdssmjsBRRbJfKx_ZcAsZu_BxOF942vflmEPbkPZxEIvy-gOXOnQ1eUzx6T8K9pgt6qs9K5NcyO3hWa4MHOXFnago7NvLtarDPRw8EhLUTaZgjYts16pU09itXJdWaEOtcHx3AVfR83Nrg4NMaaa8B3bbs7ZbUDn1a4RtdRt41d5-kZUq5k-aexfqYuCVHYLOh_MZ2Hs-nbrNzbbvrEiHc3LNRLsnAq8bP2ZnERQjmm8zQU5lk3Mbsan0ouhagxHJRoORCdKTc7UNJDj4cNpeYQcUv_gjkwvZeQAMQXrcaAN5AjbwzdEsoQJo9aBk-Wfs88Oiy2x7XzKPeDwtCdHycDju3D8libv2yySpyH7GWIA3POdtOKpRKIuZrkmdnTVbwyPEfRQEM0m2UXTDSJ0Z_B3HNtcRzPryoq1VLc04UecPfDcABigwEHsU-UeTAp5FkndKg9bO-ucTSwC1DHy2nfMJ3O8OSMLGqlW6AE6Lh_WttxFXexvfFWtP2SqRRusgxx4SEBeXVmVP-zhS77eN6-asIQE4JAh0ViPHT92Ht_66TikvdiREHhiSkuZreEiOvxb2ZZTOIq3VOdfsjqcEmCBCILUkKg9xT1LwYwRXeB_jIHXcoenAwRmqJXfnF2hcP1wVC-OG9Z-ZYDc8ey5vK9Ey_Cl_C_0ctk3NpAFHDbRsAB45snw151IJFrD6VU7yTq1lSN-JPKb1rLbeWNrLkqRi6IzsO5P4tmw8-mVvanJ4Jh9_xvUZIDAMm5UL-oDdn4o0FDrsPeZ_HgfyIugfiTL-TreewhiAV6eW4Uc3RfqJ6HB81DE0OAS3F2rvqRUJfh4stmQ--0Rq9xic0C9b8atKn87EJH1AIqJa2k2KktKq8i0Al1OLP2zxV-ESXCEGxROf1-o3Y45ZpY9VYJbjPSqZVmSY3PtPJ8Skj6rxltQLhEBm5a5YUDCMxtmlVqsiZTaWB5ZbzXA6dtA8RZ2uIOaFDeUKHQgPDpGWX0jUxm3coG7r1oNgPxAyr9tPP5nDjWTRCCAj9LqgxZHqR2JWpytTyNehIwhqkzFbokSv4T0HLPvwIKyOWQ38gkrozNESJ0Kx1mzVmP4AWwDdC5KryZqs3dwNcNSkS2NkIqPEXuuvQFTIfcjZVmWF9EhT0ngzSDoj034ZPpd30krvsC8pflMJoD2oCW2OcihEUlmRMy0grpUkQYvuZFfeOi5xG6o9JchZDG29klXt4mR-IeeSOngmXqCpmO5yUODhiMmYxTfM1WAZlpbwxEeNKlTnwUbwCefwXRyWkmViNbwc9tC4LoxzCBoY24zUDHT8_yni5-72_Ej5PfAOErKmfJCAqPbHGcb3Nbfewm6cHpKjGT60F_MBLtfU7mC9MXG0sZO8wk4TDF0hIM3qkB4Ln1rXprv1uiWNO8lgvJ2xVrJibnUV&cid=CAQSTABygQiD-f6B86V-berF-lygsRP9mMcV6coNiSuzI0ADf3Aq6AS9Gm04pkNbjaH1Zk-t7F_fJ-CLbAlxO-dKFxvhePHn01QnI3PiD1oYAQ&dv3_ver=m202301230201&rfl=http%3A%2F%2Fcrescent-star.jugem.jp%2F&ds=l&xdt=1&iif=1&cor=5559511400978608000&adk=3564403988&idt=166&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6959a03185cee225609e77585c7740391135f1c9573263450b4f009cd099c833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36554
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fcrescent-star.jugem.jp%2F&domain=crescent-star.jugem.jp&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=xGdSlHxHRHdZYVBVNm1pNWJyai9UdmN3VVhCUWNhd2NOM1dnbE9QTWJtSWp2cjErUFJTbjgxOHNqSFllVDdsbFNndlkvdnFrUWlTWVpaaDduMDZUUU9ZTXM4VWJJb3ZINGl3S00vdU13b1pSc1FPWk1PSUduZytsQXFMa0...

365 B
645 B

88ms
29ms

XHR
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=xGdSlHxHRHdZYVBVNm1pNWJyai9UdmN3VVhCUWNhd2NOM1dnbE9QTWJtSWp2cjErUFJTbjgxOHNqSFllVDdsbFNndlkvdnFrUWlTWVpaaDduMDZUUU9ZTXM4VWJJb3ZINGl3S00vdU13b1pSc1FPWk1PSUduZytsQXFMa0xmdFpoVnVRQko2cjNmNEtuTkVjVVl4YTl5Wjdvb1pYUHYzYk8vY3dkRlN5MlhrTUsrdDFMaDc5R3F4ZWpqTElKUW1KNitmZXVwMjl1bFRDdXU4ODNiY0JUTWdERUR2QWpiK3AxSE1pZ3FNd3F6YkQrTFh2dUlvZGNWa1FPcmhlWnk2YWpuL2xXfA&cppv=2

Requested by

Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

119b656d2c68eea6b7d56740ac66ef1d2208ea0ede334fe72cda6e799f00ef24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 432862
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
access-control-allow-origin: http://crescent-star.jugem.jp
location: https://mug.criteo.com/sid?cpp=xGdSlHxHRHdZYVBVNm1pNWJyai9UdmN3VVhCUWNhd2NOM1dnbE9QTWJtSWp2cjErUFJTbjgxOHNqSFllVDdsbFNndlkvdnFrUWlTWVpaaDduMDZUUU9ZTXM4VWJJb3ZINGl3S00vdU13b1pSc1FPWk1PSUduZytsQXFMa0xmdFpoVnVRQko2cjNmNEtuTkVjVVl4YTl5Wjdvb1pYUHYzYk8vY3dkRlN5MlhrTUsrdDFMaDc5R3F4ZWpqTElKUW1KNitmZXVwMjl1bFRDdXU4ODNiY0JUTWdERUR2QWpiK3AxSE1pZ3FNd3F6YkQrTFh2dUlvZGNWa1FPcmhlWnk2YWpuL2xXfA&cppv=2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 276998
content-length: 0
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
550 B 370ms
123ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

802dcdd50c71f2f2fc1f72b0af6fb13be6f999fc72ce1abe1707dc7a0ec4032c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://crescent-star.jugem.jp
date: Fri, 30 Jun 2023 15:12:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK pid Show response
sync6.im-apps.net/1008852/ 70 B
340 B 436ms
201ms XHR
application/json 2600:1400:d::1721:eea3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sync6.im-apps.net/1008852/pid
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::1721:eea3 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 43e2ad610c4eab8496226f8a71dc4ffc651f27c8426f18c2e073dac2102fd73e

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://crescent-star.jugem.jp
Date: Fri, 30 Jun 2023 15:12:03 GMT
Cache-Control: private, max-age=1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 70
Content-Type: application/json

GET
H2 200 sync Show response
eb2.3lift.com/ Frame FB5A 1 KB
2 KB 66ms
48ms Document
text/html 35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: 4410bbc48ea02642aa505881db6e074bfe77c51cb8cbb0c898eea7c6f5de473e

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1106
content-type: text/html; charset=utf-8
date: Fri, 30 Jun 2023 15:12:02 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

actualizar Show response
penta.a.one.impact-ad.jp/psm/1.0/ Frame 0B9A
Redirect Chain

https://y.one.impact-ad.jp/push_sync
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tvu5f2p&ttd_tpi=1
https://y.one.impact-ad.jp/cs?d=247&uid=6b724462-72fa-46ba-9c10-3c9c030bc1d5&tg=2&et=30&r=no&ttl=1690729923
https://penta.a.one.impact-ad.jp/psm/1.0/actualizar

42 B
345 B

308ms
234ms

Document
image/gif

107.178.248.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://penta.a.one.impact-ad.jp/psm/1.0/actualizar

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.248.96 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

96.248.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
content-length: 42
content-type: image/gif
date: Fri, 30 Jun 2023 15:12:03 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains;
via: 1.1 google

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Fri, 30 Jun 2023 15:12:03 GMT
Location: https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Server: nginx

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C7AF 16 KB
6 KB 59ms
41ms Document
text/html 23.197.184.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.197.184.187 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-184-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=103871
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 30 Jun 2023 15:12:02 GMT
expires: Sat, 01 Jul 2023 20:03:13 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 9E09 3 KB
2 KB 110ms
26ms Document
text/html 104.18.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 712
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7df758629818a228-YYZ
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 30 Jun 2023 15:12:02 GMT
expires: Fri, 30 Jun 2023 19:12:02 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CF64 52 KB
17 KB 183ms
47ms Document
text/html 23.197.184.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.197.184.175 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-184-175.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 30 Jun 2023 15:12:03 GMT
ETag: "623de86a-cf34"
Expires: Sat, 01 Jul 2023 15:12:05 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding
X-Check-Cacheable: YES

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5E26 281 B
554 B 36ms
34ms Document
text/html 104.102.111.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.111.7 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-111-7.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: http://crescent-star.jugem.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 30 Jun 2023 15:12:02 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2

200

31
cr-p31.ladsp.com/cookiesender/
Redirect Chain

https://cr-p31.ladsp.com/cookiesender/31
https://cr-p31.ladsp.com/cookiesender/31?cr=true

43 B
506 B

484ms
462ms

Image
image/gif

18.160.96.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cr-p31.ladsp.com/cookiesender/31?cr=true
Requested by: Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/
Protocol: H2
Server: 18.160.96.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-96-112.msp50.r.cloudfront.net
Software: Logicad /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: http://crescent-star.jugem.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:04 GMT
via: 1.1 7bbee2e08e6756cf2f7ddbc644990856.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: MSP50-P1
x-cache: Miss from cloudfront
content-type: image/gif
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
cache-control: no-cache
content-length: 43
x-amz-cf-id: h4b87V7Fk4EzQM7IcoLhBvNfQDz6DUIV87aonvezEnfMBvgU58UgZg==
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:03 GMT
via: 1.1 7bbee2e08e6756cf2f7ddbc644990856.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: MSP50-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://cr-p31.ladsp.com/cookiesender/31?cr=true
content-type: text/html;charset=utf-8
cache-control: no-cache
content-length: 0
x-amz-cf-id: ON8fGf2GO6q0MVtM6zaHzs6kmzvPl-5f1LjjjT51oqRWCeTaRRgnqA==
expires: -1

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 156ms
30ms Preflight
application/json 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fcrescent-star.jugem.jp%2F&domain=crescent-star.jugem.jp&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://crescent-star.jugem.jp
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: http://crescent-star.jugem.jp
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 30 Jun 2023 15:12:02 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 429041
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 5502 30 KB
11 KB 43ms
42ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AgXhNadO5dfxOVphIKUJw5fIcvKdbkfPwvtq4B6pRoI0JIvv4JGQtqmyne0s8i8HKZk6A9MfWpVB0Lp8BMhEjIqpDyzg&cry=1&dbm_d=AKAmf-APRZ3DYpEVDiRC7t8bWOhDpGdvwtumW5v-VpJs9xBJp3w3_g_LFsItO6SMI2dkTB42oK5f2yjLuMJBy5a8-04jTwcPwIUPEYgkPc7aiHag8oILgbQOq2GSOqbcztm2wTGANTgHuHorGGnOMVhLz652RTuX2mPqKxMPxwfyY5HrwF2tkQlqORKnlE_ltHDusyznc-FfBmssr_076Rm3MV8QI5Glph9HIN2Qef3B2jQIDO6afSBN1-lXSIt8SSrAyiSZHWIIXkjUD-R453P4Zryz9WVWcLkbQXKWjIeYarUE5iyet3-nJN9Fj2_nWkUKPV8vIfel23HzsojVu_xzbxynLqISQ4tQ8thwnS8IbhkVxLAzeytiDh8hMPmJsfCQAJKEPvjyXo7WGZz7S1fcwnRR2yFPbrZ76FXu7p7agf6UYabAYiXFbnEdpZfKeqwAaoBMUiEmZVoqt66Y2wdi4hd_2immnwiEX5oBlJKDJyxWDO5O9xpgxxS2BeiTOD3AnDKGaTtjbkakrmgh1TrzV7AYf-kHepWku-qoszLW2HzVjdHxXc4QtTkDT2l3MxQ2AiD3FpO3e3IKHZr39ivyGX7sAMOUFnNDVE7MWWoouMeXpPGUBGEaqikM3oHc-ggb2a07JqeRU9WsI1CBbw14HK21oXVkgPb4NJig-KFVPSZRhAifn6gUs4YmB_7UF14UaBvDIeKaKNz8GC_dhmXH4qaaafa1ZZeydjJaK6fg_B08v72Zzt-hnADmH5wPNwVaFywvJQS7FbxrMTJp1OtXnSf4Isa2JUra7LAQAn-esYc8RYSFO2Azvb7cih7_1kXejKRNttkDSbkxTT3KxBSb-IiOxbXB4T3XZP3V9BBWAb09_kb9ZE1Y9gJCrYQZu2J3-Z504NB4C2Vnt2gnU-g8EaXhlx6ppQ7_nB3thx22Cv-zxhhWh3Xmwoz0SDoPJMd5CpvWWXVd7GxPbclR8ldRz3XKrZI2mmLg7h6PNRuS2OL8nH8o_U9LkuOKDsb_b2kpuPH84oQ0Zjb1LEQC2M3Tz1_-KFXzsGzsGIOFmhe-SezOJU79_M5Xv0wJOfepewtwTgd1ac8rH6dBplTEtc8xd4Jlm9ex30aVj0MVPVL25YMlp84a2IWV9OiL6zAoDee777V__3_w19Y4TSAWyNhhU3C9ijiZzj7ZyJ19hP4y5xAT9ZuweOfR3IMhzRq4bCOMYGFQT3XRudnfTcZCvLK0YZoaSfTktvEPJqyl3D0XKyGYmvfmaHR2dMa7GXG3NeekQWsgGxzwYOpjr895l99B3I2Tp7pchYDg3K94bsu6qxmYzE0EMjwAhJRGup8ZWU63xQlucG3JNix1zofQqjRhQnSzXD967EchG8BWdDyYfmmVMV2fGVuxrfzKzhZgugJs6fKTBLmeNVOaYDtJEpkkLISsM2BXDzIY7o7MHgBrp1mR1yp8fHihHe3PCWzh_IZJkll5wgpnYcF6xGyURo6b3Jn4oBeEOObRy05QbFkmUM0C-YnXodUN545SE27tN-Y0HYpmsCvDSffV1E58YnF9iCzTOQqYs4RsPMLLyf5DtvSm6vn74YqH08X_SDEIqnfqLPwjj_5Z2fSXPxh5FHHuhQZJsI5UdQejIqiTB9FFGwJ-mV5irFhmJRdHP6xo3E75eYdgJDtwJfiaJkbvcJYvEJKMOnSdVx47O_WRe5CCmw7hI7vAxiVMigeTVWzqpyO--Gu87ngW4aWQVyK0KB-rP_miLgKYUFO5HDERplRY2_bgsjEUNIkvmImBzpeS_j7HZ7CUVmLuN_qTFio1mjc9fSOrSXYObtPOBdJL_HCvYQSG4teL6BShH3OK3NTPSnNP1kt7BeFj5HZtrAEdZ_n2m1cHW21PV0hsB1Rma4CCaWjk-1FTmmaklvCzvLTeSWJxL9Fkh0QfcTCW0vqj3CSPTgKNNtj_VqV3ZN31Z61xka-_sk7hMNslg8gGVYgs2Hs3ciOkDmaxzbsr6hwjPlCCuAx5Vo7th1iu9G8zffWG25bqLyxtWtSX3C6EvYtlSstJUgVgo11n80S-vd5E33WbY1_vc6gIxw24T-3mzotk-O58E31WvmL3llNFY1cVaalJp1h_32dF2d9lblnk3kiP30QZxybZDeHJCGPentaJqxQVI8zATIbJaRZI2e43bwfC96yRQJJMGKDrzOsSamQcQ0OEAQzuCf5ODnxJfblgXXQaKry48YSYvhHcSS9xsWELBuawt_6hBgtGeLRPcvJyobDlv3CZYfjhBEnhDXDodMme3WBPbcGmvtiMxlLEtlfYzNbkImtMhtPTTf7if2ccrFF9gIzBybMjiTQlYa5u2Gq_lqR97B6j5Oswjmru6uc1YXezcwaQPOyZvR-XDlS09str5P7HiujaPJ7S6tuYCNqDk1PgqOlx1E-rhf6_n0s5MwrdhY-xNUcdmPWbiM3QAZQPlxeVK9vo5lO7jUg2gdFMZ9LfEO98yGVpj0W84AV7QzZA8x7JzTbPOsUEBHvSmCbDyeN_7H5zH5dHWyPIJHjNfWhwREQwAEQbYpz0qu2Lx734oCE3BQG5pgC6HtX7L_jziGzBNvjsawVdUDJ0ly8chcHillZnP460U-Gc21lU1bzcz6qen7kGheHbq9LU2HHOJoFiHRfA0WBYphnMTJCgI8X3FTar93T1EUIO8R-nZtzxspPFFncd30PNpd1yEpOqgFMrZ_8UJxFlx24ikSVxEHFiSKGsW0EIJvo85qY7JqRDKZ_-mfPB3xVvePYLqLY_qKs0CFj-6jbHdscrd4fvEYDhD1bO0EGOg_83JC-zPa1F_sfQ-a_-6tertwb-lPw7BqzOwoiVJd-SlsnzdCtjHtTddnXaYVdlSx8TgFkyfPG-kkLHJkKTwrn1d8O0YDU5qeRbCWf4noAzLtv2VR4yliQSSjP3jmlbbUyNX58bv19wivAqAfXFXHVYmPrXLRWsQu1xNUppvDKSNzVs8Qstdmr-ZEabU6PoV7z6Idxxu4BUcfRHnwYOGjXTn3bYunxuWp9cw5cglnp_jjBJrCoWAD93xAgTUguS-LQc9XyUkMPI95dT-QFXYawgfK5lwwDFxLIr3cVaNwUxYU2PWmm1QZGcW6J5W7tZY_pmLftr0FtafNXD_Ov0ZU1m37_-y2xjGHWh31YbZnHQXrP4Zg_tAaNHdLY0s4RJNlgHZBu7UEx2QfyjbX31o229ScJjUQchrg0OMopwIJR5XsIC9XSz7AVUWMP4j-1ZdTqDEBD2B8NfMoeLhOTzNZKwQwSc14W4SfIpZI8UihcWWcHSFufQ9J6qmV34yQxD22gnBlXCsK1B6JVdk2QGBkRDv_JMNX5c8-AY0ML_-NP5GfNXoIfXLMdW__QOU-Eo1zkbZC-FzNKtzuBcnZPiyCG1a5w6AX3lNodeOGN4GZEOvfeVhxqVPNfAvhNQdYObE1USAXI6Xr-Aa8JgZ0layuwF5l5pYIhi3Uwfw9tuUu-G4HM9vhFh9ioexlqO1f914dEwPGHi43DoRUHj&cid=CAQSTABygQiD-f6B86V-berF-lygsRP9mMcV6coNiSuzI0ADf3Aq6AS9Gm04pkNbjaH1Zk-t7F_fJ-CLbAlxO-dKFxvhePHn01QnI3PiD1oYAQ&dv3_ver=m202301230201&rfl=http%3A%2F%2Fcrescent-star.jugem.jp%2F&ds=l&xdt=1&iif=1&cor=1405930076806379500&adk=2975593758&idt=209&cac=0&dtd=311

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 18:58:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 5502 11 KB
4 KB 45ms
44ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 18:58:13 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5502 0
0 232ms
78ms Fetch
image/gif 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVSz14B_zuMD6phyxx0cqNBcB6wjdJH0MEJ9BUVKfQ31rpDrb9UB08UnBeMW7PQFKmq-hSrlwSyfMKalzGYZVxEGOZvOEWwOu4ReOk2_skmyC7FPFLnnYzJRajt-1jG8vTh9XX4CLWbyrI6ifTMxdqQrFLKRcGlVuvs0dG8BGDoB1LtVJSbchK89sGXaXND5b9BGeSGKXh3v37PTKJwUmE2FEEd2lC2_OLi9tV2JuLyx3ywfgSFVEOxFjbJshuhnVvBl9FoKSLrF3kWAPkTs17cqvrHHldTlq7JRRItT5FDt3xQbg94LolAIo0NBs2JszxYVx4s68LRwHsGh2h9EWqlfhncrY6P0-LoedAPDnbGK5YUKzrXBNcUp7r61XilSCwE9qoVyDcwYfLNkZsTQ103FytsH_1dMtjNOqK8-ng6hRPRJ4UG03LhSe_EUrKXvpSgeBYCQL0SPctzEzMMTy4sZAatZ2GcBUZzJAPD7rvHE9cEcBGKXR5uhtAOpk4NUjxAptqqf3QPHnLRktO9CgDswZZmkA4LZohfeuj642ljbEOFKchtCnRQth9uHlHqeOegTHnzW9qAXrv8vrRf6WMN64bq3-bU-ULsNbE8YcpCg139ZBJMFEDBSwvWQTC9pksQDz1YZrEJPUbJyXzBbPUDi9aXKxSZ_xCQT1UqKHEf-YismcbwUFEffJNYJjDvlbWITswSMi_NGHOfh98qhQ2zXoDEkmt8d3rbFHTYV6X_n82UHjZccj4PRzTBvIqaNhepojhkXZkYTl38BZIUrBF8RCs2uQB-Qh80U0PI85BmZobHuUDBzVquaVfKg54togTSEojYMd9p55nktqDvjBcJbWGhR6pwDbxDvRrJ1mmf4HI_MvytsFsNT8YiNNL_j30AsNdBPTWp-xHnoB4tU9dCx9WqO96gHySAX4hIInNTRUTgGAwKwBYFIHxMxeRYNaZKjYPPdP9uAOvLHfU1ASwpnG7UvieSD0gYthWGpTuKc-nH8Y4XdKp81lEiRqxMwu_kUmyslPXbOI0BocnuLUykl8GgO1e7xMl_hrc5eR2QEMCNmF6yqw_cHTWaw3jxyLHiRVi9XgMCMk5BuPWBvP_6WPtl-IIThTx99kifgNeaGHRXXpNQDQ30d1bAZPDAUT4PyoMq37segJOr6wIJWZ3VFVvzQY5PPeJN1uqtQp6nFwGdi-UAyAy97i5t4c_j8pDkjgsFI_qhKlPSimKSbB2SXsSRHBdvfbAs-JvrXYZkrydzJ9f-ODw00Nc_xqT&sai=AMfl-YSbnp3korFYKpNTsvWT1IW_EEfE70t4N33h9_1Z029IRAoqrZQluSMRDrt_UdD9_mhF_YL0V03nZ8lSfr3s0EUApxLUAvyEVptGv5uYbCEZHPoj2odGNNhbkpyLUFrjU7n_0G5MbprqQYyn4dzn0-i8J3-GtZO9xqOuL68he-O76ekmIY1MgJt7XYmZQowcY5r0BM2DabeOJqaUHe7EF7GdyM_Wq-TcOC3JveHa7yLYAmZ_yBzglm0l25UKdCDhFlYu3Efxl-8UwUi732uGfMhDjptNz5z_soaA&sig=Cg0ArKJSzFuCOeTwixYmEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=4&cbvp=1&cstd=0&cisv=r20230627.44096&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 30 Jun 2023 15:12:03 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:12:03 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5502 41 KB
15 KB 50ms
49ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 510391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 17:25:31 GMT

GET
H2 200 8964552396074085254
s0.2mdn.net/simgad/ Frame 5502 77 KB
77 KB 165ms
39ms Image
image/jpeg 2607:f8b0:4020:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8964552396074085254

Requested by

Host: 2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
URL: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3f8078ecd19b711cbfce00fbaf71e209ebf0d3b8723d99428a3df257c4f6695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 23:02:47 GMT
x-content-type-options: nosniff
age: 576556
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78536
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 16:26:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jun 2024 23:02:47 GMT

GET
H2 200 8964552396074085254
s0.2mdn.net/simgad/ Frame 5BBC 77 KB
77 KB 214ms
113ms Image
image/jpeg 2607:f8b0:4020:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8964552396074085254

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmhdfrNn0KzeYxgYiP-_p5odDulM6ZLOQLBo2_t-0CM0U_0KibgZHNekrBKHSaqxBnXedO6ydwKzJVQnrw82Bc8AZVgg&cry=1&dbm_d=AKAmf-DQE5dt_C-fsN-E2cNWlG9lLSv4Mh3ECAZVeQV5XNbhab3wYNLKqpOINbaqfPoPnAyls7o5Iks5Ks8aZY1Edq5dhis3YQGrZ-mbV09gYFHjnHC9kdmLy0KkngnuPhAK-R7mX9xw8DUUJP3w42GxambiP_Du27ZcB9OWdZ0tEH_xJGiBIvC1ISy7em9ZalUr8SCCkHmSnbOI7WWW7AWp_n6dpOxcTV8ePLguFjUnhgsJxEaEivW-KkKAvXjNXqOX_ihY14RhnEpBJi8eyyV1oOQq1IaKdoqI8hLIJHHb7-WWWVAw-L8ad4DDbgyG0pvWwEifIJfoijweBr-KWrwFxxc5Xw8mMXMB9pn3BiyazDnE2QiRfX7pmYq9FxUtcwgnBPlMKa5Bm49AFn8b2zsypiXjt6lvz1L3cArVt0ekeONfx7hWFLVKcDwWaInpHfEDcRa3rPIj1D70WOktRWjqSmtrps4nxftki1zUIIOI_mwfa9sMtKQDYVFHPlehDGE9xfoKWZCexlZ7KbBEvc0SLNUspv1HSU2X_9I0iODMhmCyVA6CthVQLaOc7aytoqb90co5Pg-OyfBs4WUS54tqiaxtSl-wHfRb2YKcRN2mWPj84kof2mzuNYYvg01ags8Dz8v1AUI5QGa0QWUV95y1K3vXexRmPFhlK9QC4Mzw5iUz-GMU4MXmAxLSA8GMCOQK8vnqq52He56Wsj8Y9ydnWfj7KH1G9gKwIzhVubblW2pvjiFu8v0AMyE_Z84m3briD8jNQyq7RDgxOfB5ZGsHb8CF_VdIgH-1DsYanQWdY8PhMF45Q13i_FGQEZwPzl8Xn9r6g6asJB8hrCLCeApjLxa37ZECognyz15OcW9JoRE3VcVt34hWUIgL1ZsyPyu6KACnmcM4DWcQ27RcsZZeeXeW3Vlh0mjLjdaHDwoJJrLGOi3eaHpfylUsW-FlMY2aDM-RnffeNa7Iw2hx4WurbWfyfoc6conEJeUl0uTWkJHL7Q7uBpW4_bjE2fwXfVp5oZGHxKPO4wrY8GBieijT8SYm3BXVX3igfl4sEzylzZqnBDTFGH3IWwFAASCFNpc7YDNSRTpM8bChS8yyk2s0le-6gbcnlrocZwzCloZBdoSkV-30s_8SALPGhKhPqeB_5Lc9kd6GwxJb2GtlfoPdjL-FQP-7biMwGfLZbUO8sqLi04RHMd7-nlmq3Su1Yx_eVCfZeMiH3cbJjMcCFAeDjiIY8mOMc50fuZN8tYcJVpFHE9eZlDHfvOVYNMbvqqVGyXVGjWGbmRdNli-0hApWYVxN_yat3Or7tJqz0-Y_J_7jqdfio8HLR_Bmxvoq5SlvoY8JJtWjJRRiYWrwyL0fK6xSB0Rcq7HXNqJMUKAuzbqXW0AvAyU5KSEoVeCOViX6qBt3XgaBCvhHYweHu-frr5txMGgeoe0EF7NjTbbkdpzXN9zwlRyrrksoc4aiObUqFkeKUfQmKOIh7Yu5dW4yrgHSuLPykc4_YGZHagOZdsWFTHRXL1yqfGbONDTKmtpmizuCSBDUy1gF8_dfvX8cDuF-Zz-SS9RewS9vGCGXhsuYWzFKI2SMacebgNd6qhQKSpgQtS6oAXZiaagXOCYd0hBm-ze9neA7TgN7uNb7_3X-0sHWfFL7mnSFHM7cz2BVZRKrAZv3qI9DpkfjtGqjRCaYxIRFjiM2aiqp4uPt1RxkZ3rVMnvzvmOB76Zz7Ziqt02tw33rI2QJJe__1nlpvXTkzwg_oLa4c0QHjtnDsB6NfhSgYTNM5oyLfIN1V9utD8pS8_5x4sxoa1h8GGwXBWmLRdgl7GUiNR3K8a1ALpudmJtkMZ9y4EO2tRok4FvfR5wfffnLZrFEIMY4LmgNHK_-0vagqqH3UXfdXNIx69z_AJ2vBGWPeN6xVAwfz0jfIsVow3u7X7vcAtv6_F5k9jH_hMAmSC8C7Rh0CDAXNXzz3vlqcOuvSvNY8-QLoshQIU35qhz0IAJqjMgBJJB5f7-RBoClJ7Ar1GWJlMTbEyP3HF8ppPZR1U6c5Z3ZBGgN4BITNoN73FOQy-qba8frculKDU-nwVqN8-1oof22EVvYXvQhlP7sxA3_53Y9ODIrdG0l1251U7FR5vR1Ek0DCZTWg4YC_nB8KIahGuEtp5-Q1-kIhFgwwdQu3iicj_2d5l38h2cRqit9gWxdlS1GxW7tBZHkbAYBa0vB3F8P2o0sFHOo6hxieWErVv0ydntFMrmLi_E4WeMLYS6viRdz9nGpo8eaMzJRNxGUFrNttpbo5HorSen22xa6wLZT3T0_vvuuVlKr_BboY3IkbgmIG1pvZ0jpLEzoMn_wLGn57Pr7BjXhMCZcutLj4VHrCPUsunb5aWyUS5JD3PrU8sejSZXR3AomJibcSgGk9OQFs6QoOI-gGbuS-odxOKMfZOE80qNe96_hn2AYUwnp1icpN5AhNWkXNmhB2wEJljWu3TJWTcO8me_DlGhjjKQZ8zPjT75lAAkbCJkw9sNKAwtPDQBrVp72SzXb-fOkncbKhcnmWwbw3yo1U9PqAPcej9UqVQ0dAk9n7X9ZdHPRz2eaNAttLw_9dsZ11ej5W2ovYtSUvo_wy-WoYpsSE_5RD8XA3apUFJYNNKqxdLDwf1sq6bocc6iXZ0O3kftwAjY2hgBCt6km8youPyNetH6QAtmk3yf4YMlrtc6U6b4pCR6zbU7ShkTJjFn6dK4WMe67GePbBEXO6w3qx44NmpRKXv6gnS60QswWypllXflWRJVqsYyv-UBm0MTQjpkY5V6pI8BUHVnhhWPiPz3jpi6g2rYLUfYMFaNMgLkSx7YaKv9U7Q1npAvVtfqR-1KRhyJG9khDzXFsnnCNwIOzDEXuCfrsyRiptgCAnteWQPxuYCCQC8YymJzRP9pOChx3uo-oLrSxg9dqfz9VvsD8C9-TPw-JIvQr6PLEGeqbcJsMUiLnihQub7c8RSaNlAcDz5-LqZs_a4bwVQs5EZKkbArNdXT_ixlHy9PtUs-Qy7YbO6eSCD41Xu7qRgrRM7MeleGnDrbK8L-X-L-82H_aLdqXe5pwV_v8vC0YyjevG0Irp1W6XHKPi00m-1b3XA5ceCfKje6r5ErKB0TfpCHG7Zn0cCAM49levzNxoGoBd2TMIbLm77NCpaZry4GA9NyKsdI5UaFAeM-C3GVBfd1fAb4D8XhkHbG743lraXQI0pAn2hmhhQS8-iFTqdsPSWTTqXVVqqBc5QIvRmKpPhkoCBPLokIFAx5BbdzOSADd5S782N6Gt58GKbkv5si-DGKVsbcXca8mShTYxW89m2qsXiCeiMEbG08sC5pp1KdoOXzbnjbyvNNy5pfC_ntNoy8nV8ObvcrolyOmEIyNOvopneApZq4bmNVIJsU-vC_gXkBH7Sxdyw8dfVKNMYq4d8HnAoOJ6-m8mpwVGNLNj389GaCKSgFohbjqthW21DLqXBIbx1uYo4Nwy8z6nrU1rXlx4o7r4Wlbx5CZHIHkosfS6JVRqBbykcxxe6od&cid=CAQSTABygQiD-f6B86V-berF-lygsRP9mMcV6coNiSuzI0ADf3Aq6AS9Gm04pkNbjaH1Zk-t7F_fJ-CLbAlxO-dKFxvhePHn01QnI3PiD1oYAQ&dv3_ver=m202301230201&rfl=http%3A%2F%2Fcrescent-star.jugem.jp%2F&ds=l&xdt=1&iif=1&cor=7814494757126585000&adk=72288713&idt=301&cac=0&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3f8078ecd19b711cbfce00fbaf71e209ebf0d3b8723d99428a3df257c4f6695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 23:02:47 GMT
x-content-type-options: nosniff
age: 576556
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78536
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 16:26:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jun 2024 23:02:47 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 5BBC 30 KB
11 KB 61ms
29ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 18:58:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 5BBC 11 KB
4 KB 68ms
31ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 18:58:13 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5BBC 0
0 200ms
82ms Fetch
image/gif 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3RyVzIRAaRAdQoHGjnErXpc9kz_MGWCZGBGHqPA7-ctxt-LEqIV122jLC59nDqZpD0ke-4thRnyYdvzmIEw7aSvP__TfrzN_Q6Pr6eOr5Ao_xl4sSJYAmWsEya8Q0Cr86FYoUxeQQV1klPlL3rbJZYhbjpN5iV-slX8Z55eUORyNB_hcj_9PUqsmqAmw35SJiJy5EB4FvISCwpvuf84YNC1KyKv3E4_o0QV35g_yMuq6bfAoh1ktS0_SOxHPGxY6uuDyWSYAU7gi6Rdzz4Pf4phcsdG3OnKKTQFQ91yyIY-dHSOZmn-aLX5XnXTP_zyp7WTrAY2eYFPMCENdSj9E9tFR1galMNP8u3aGaspoQvFoJB6tOdG3EgPcqMyk2of2_ZCWOy_WGAIMHbO_c2pX3sZjoVdcl5VXsCto3UgNWqklbkjCnHNIwD0rnFuS8OdT4nfosxpomk4BWimnAPiUDextJGXBBEeJkuotcLN2qgXvwEBAz2xl9eDtDfKIO9siz3rJONxyD575uHvaz-ktMJu3B0jfoGqCNgbvNQqS5_oqP9RQ3DDvWlm0g0m2dt802mDVU_7Pcg2H5_FjZRtolII-_rtYVR15SCs941M1AuPJXvFZ-lmIj2zPobFbvPXxIvTpyajgSLVjfInKClzips8ld6uQ6eMD2e7lO_5r2WULWwO43NS-a6lKucRacHLS6DUX4GWPSSetNkU_A3Unu5oZY5hrY8NEJRy18iOk95LwbC0uhAEJomZH-PNDjdiYBp3QlSLDNdc44DYk-tWy63i504F_Z-mHQ2gHxF7mhFmaRtoqXGtiyZCm8hugxg3aUfcTYy_EW8HPAioiviYS3EEHIAG8YCALY2GzvDv3QDwmVD0EIQhFMV_p_-wM91TFULaWpWWk2WnqBwkhVjo2iLmHyhTtIIdQVdvaIkNna1uWSlJoHu4g_cO1i3xkcVUfrAMU-W0jF0Dm40oVUXKfVGDYi8-L2jKZ0Ur3giEU4sFQq-2NIqIIFnGpCKv4HKYKFof6SgT_gI87DSC6gFT5OpewoF6gNI9UOTNiTX4Or-Gk12OosprgKHamdUVsmuPp3KhZxK94qcd-_CmYUO0CpsDz3A4Cso-Y2JeESO6NAZwVGAfyEIlbgFmOwkPKDo1BnmpV-5Mdfu01tZEDvcNg_GzKRWI37gi9jGmxqOBgNLkQehOgZLKEBXbZ__1_CCFhvujs6vDIIESItMtfUSizbhwoemUnmyhzznI0maF_C-fM6l-7QKCsXXqfkEOixin5nww&sai=AMfl-YTuyUZoJPjgck6m9O5xnQMkr1rxMmcmykoxHEZnypEttkmNh_lZE4gnXEEJneLjzoqkoIpOhmKzmCxZFZY2ky15s1MMcFQuWYltXXpuCTpYRpLL2sCQWIPu81D5X3GOT1SD5UtAyfsFXuuWc9LcThU1W_dI_Oe5m5a4aqUnVPFXQsHLG0S0L6RbB1HI8WiZ0IkMiZs5RPPDAvEOxYMloi35Ifw0r6euugAGN93pPcXvJMbmESsgsqkyTUp_R7Cy4RQDJGpFH00tyQ8EFzUYx704L_09xrcMBa_v&sig=Cg0ArKJSzM9HVRO6KxPmEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20230627.32437&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 30 Jun 2023 15:12:03 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:12:03 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5BBC 41 KB
15 KB 65ms
33ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 510392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 17:25:31 GMT

GET
H2 200 8964552396074085254
s0.2mdn.net/simgad/ Frame 3AE3 77 KB
77 KB 203ms
127ms Image
image/jpeg 2607:f8b0:4020:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8964552396074085254

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DFeyuWHXi9s4gDFzpabZU-HD2xMQA2_zJQERMmZYM9B6mclu6r4r9O1Ktlmy5Jk6cYiC2-GTXrz0P_HlKZKgJN4FzHig&cry=1&dbm_d=AKAmf-D8wJloZ849lV3V0BMSI-rUh1z1DDeFsXboXaLVwid-kCcH0Y0tQPpBLNM7iRSUxB7olOtZUv51-Z2T0iejwo3xyvE0NGx1CB7eo5u8XutYIwICYhM0Vn3uYwMJ5AfRD_4e-R5iD83zBBohYV1Meayhiiw0YWsrGw1qOTSQ1ZNNyUmDEL3YUkssnjmY5C9gcMTKEe0-nFlyZNzarAEJqfgRV1oFiGyzQBexUdyrlcemScswnZWAkApsD7QZi7LgCs2wbOKOXUg2crrs685dqvxz8HcgFx1dpxMrWAN_naxQ0YRdd8Ldg6-s3-eTPQlsdkLBW3-HYwbT1VZT3rDHQUljatM0W-ygDZGflfBAh0f2ncX6qOPAOR5IPPDu48-jCNPU16jzbhFikwyftgVvWNiEMOZfGGGmq8SPPd2psEHsvpZ9b3wSjZ7UHBA6dzpSgjDomlUHo8ZHtL3JzORwWpftzEQG_W6P2DEEm_V7f_jIfvN7hK9P7lTpYkBEY8782v233QhDEbctjXU2kSPTL_MkpYbJqnu0Np5zg1G24RpK_cnbdKaWV6M25Wf78HuTtSHsVaB1-uem_ckyGYxkqNW2-wGzLqPSu4Oo0QhZtqImgwFc6wFJmJCXLmSRaedsTNb5-HbpI04HcEbvTPdbTv2LfyxJ7w4qCpgjIjSCiBkerEnS1pSYvPl7y1xZqTkKuLelgmgIj10NDk-OtjGOSSRePCrfXnRDEbo2iXvrPdIZkaiZUJfyRekud0xJ5QQRtLAOgrlQxDqFP3zr8V0_x8jERutSaqJ9LnK6cP-hNIjpOQgpkN-f7NAb2rM3cxFAO6GSjE_mNapBTcNwuySLazAtK6wLMlOYf9gvo1wsAEfSsca09NfOyhvJDmpcOHJeHgZ5FtzZj2VFwc4iSnISzaPzRf531CzZM2pRo-DHdeigCEHwbU7RaxjCnVDcAGUNL8L37TZLnaafPyrm6j7sGKU0PszkZr6j-8SNLUPgt2bowvOcSHXauG_kKZItZBGaGhwLI-lWJTiMQx1Kqr9XCButM4h6LrMp5Y9me53XlzVDaI8VR5hi6WOxVXUYoUjSoApLGWrGA_x-XayYa8mwPYnL_31_-GMUM1toNp3ok8_oziSH6uK_WXMNSf95z8Bzd90byihvjU0peM_GXi_RHVR9l6lxCH78e9ZaX5vO9g3zvBYM3m5t5eZCkGKueIHQnjk5cQdmr3NWC8XGjdi1WW-T6Y7BM-3AWFjYMJ7hB6Iz3roGddVkHI8NoIRmxEn4rxtUEZDnFqiHPBSTemDG-CfyqliL5r37nrbDr33J-_hlD8jCHyi9SPW7_0fVxM3PSjC5KeNUB-Z1PMtzD6QutbQKTK-RXpmVJeAbou30AB46cb0jMle30sjY5DtFA7_FP7cWQTis5D5_yMBAr6evXZ7LZBvFxrb1M0EuRutjPsplxxD6bM0LVqF60OBF_ZRXLciakkAgwUASQfUiEtQEhLatNTCD24LX8jWR-P5fLcbeiXDHnpkYpd1S5-TxQ7HXfhWbGsSFHBlwK14BiiWx6G71xvSc-5mwx7W8Vy9fOJRJz2uB4sLsIOkbgDGCDTloVDrkhLvYIM8PH8nBRCgHaCUB3_d2ImFhKERvhffNPEjdSBPk_0DpBmuvUtZduzV5VAWSmdl8R0LVNgaDT6wq5AhmZu11cG47ORaW_7SwFEpgICuYYc--vstvGpuvYk1jGrh58AEdqruZFBeFD7fKpSnJ3o1TYhleMszYcv2bDNFgTlJ3rrbbY-Ybmc4H2aLwDTClcJrXnrOdO69QB1wfwDzcL6Q3qroyXM4sAsiek0Z2WuLVCjHsKLx9pK591NLiJ0lrBxbtjoMKWFUba-MfOEPzdJa_kaaTF0Gg0zfKmp1c9RmBa_C__tnFy8lhBcBlitcZYj6WlTF0GvxjS34sFhAs8x88fwpBa1s4ivVUTCioUSI01CBhhG7heeEN2MqZa1KickB-eM_i6IvXv5234xOne_qc0nTw6k5dsCJnYP1DoSh_ZbXFL68I5Or08TYaiAGiXrURV4oeoG22sx_hCHwCRAP6IRsuTHhqYRXno0sxccZ3D1pq8DGL0lrIEBMeDmsCe0NKrzxSmtgr3mhxEW5emGKNAteP0BqRix5GijEkt9dcQrWAvLjtcENBudgreOjg7ACq-e0XkEDgQXE6eGhwKPYjHzwlCDq9B8FOv-xNa_Sr3e7GjR-YlpKMMtzVdnQ70ewvQC_hzo8wqwuh-orlv5AF_eZBmcW4UsaWsnBWYkqYSjEXrldq_c0P6Ibuq58o3w8QaO8tbiSFagv7nkIeEVWBt-4kRpseZoESmNvOnNeSZWoOHCZn-HIA21UQA8Z6JLh3MiZ6E5hk8p1YcARLxbhbrny8Jbl14JRT3RDmpKmiDK6GctLarmq5vBcZK4wHCr2XZkrGwt_YSU2xsjFdhxcjYluS-TcTMeaO042VmXia1hCjtO6M0KoJiV1J7ZnUQtsQNu4ApDG1LhvtSdEKU_6ATQHAg0RedH452eGIkz0mHwOhJTKdwYfziBzrzPhxb070GfiUf5EwPF9u4Fh2gf6IC9XNXHfXHBRiVRYH1mrm7dYXornJEfmsPdbDPaeh-FvBaMh90ZpaSPWi75nwCWvmTMxn3R_01PFm6IcNIehJHPfjOxUVkYdfrlykzfmdlcUaZdYxyvWCjJN7QkFAswy3rdkpCmzjfEnQgj1jjzEBY1V4z7KUgbGgLsAg5nPxYahsXpUkOvwnZp3Eb3zNyWkUfB5nrI_w-bQeelx_Dg6zRiwtG5TuG71hER9HFlY65_0zQ5TnCcf2lEM285UiB6_HM_P-RauQxslTP_VQ-qsFqUaFjZUxC5XGTKxFurJe_ux6A4lb7hqDVof2So10KcKxrHhLd8QxAFim-kPBSWbR3F_e7BzvqNdhT8rexgy6lUFGc2V1mYUywk9eCBHahuRe0ntoTGN_ad4aHZx7Yz3sbSo0PULXu2eWKP67Jb9uT_e8o5BJUHljOCU1Gm629h14s8yNYh1S6-Hxr4qa6N4NPzvnq6CnMrG6-Pu6zsDNIbotrLX0f1lr76IsUS7SasWrtvNr5OHgO31R8aHldF0F7gcgJQs0CxQS0GNSvY2O4iYJJL8Kc1m4JQWKNRnfkybmxap2ZMsiPPKLBMFilpwgDF86D9RTRxbMGH95utSi8xlo0Gbm-9g2XXdDu0QErgQEYftbfhgwCLuvG8va70zgeVVk94K1goNOVt9jyDL0jtBZDt6ysNl24H08E4wG6IBTiZEvRTadugvAQ22siA5djQUKdaa-D0MU76u2BMilGoXQWoqEi839mQcCZ-jBYFuDP4hHhw_I4V_ndE1ty4TsIGG-7cIiDSdQ-kzurs5ca2sKEEf4JmEKvtPYOV1y_QbdE-bcC_WHmdEQvgKBVSG2_8L5S9J0Etxm7sUrxJw96BONUb_ED6yn73fTTaSIpC1ylSVlbW2pidzbrgDyn4bPkCMWdow-f8_5pwt7A_3k2BdP&cid=CAQSTABygQiD-f6B86V-berF-lygsRP9mMcV6coNiSuzI0ADf3Aq6AS9Gm04pkNbjaH1Zk-t7F_fJ-CLbAlxO-dKFxvhePHn01QnI3PiD1oYAQ&dv3_ver=m202301230201&rfl=http%3A%2F%2Fcrescent-star.jugem.jp%2F&ds=l&xdt=1&iif=1&cor=15188030865402540000&adk=2742791599&idt=237&cac=0&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3f8078ecd19b711cbfce00fbaf71e209ebf0d3b8723d99428a3df257c4f6695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 23:02:47 GMT
x-content-type-options: nosniff
age: 576556
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78536
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 16:26:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jun 2024 23:02:47 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 3AE3 30 KB
11 KB 52ms
34ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 18:58:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 3AE3 11 KB
4 KB 67ms
49ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 18:58:13 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3AE3 0
0 174ms
79ms Fetch
image/gif 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvX7kpvwcZ4ETEi499dfAoiCOCSwcPQQUjW5uNA63mqQizTl2R3MMUd6mve1pGsk4jHe0J4wM3L5hJQn_Iq2FBPbOjpdXkS3WhqX-LLfszz9gl9ZdMi_pMxcIXOY759nqqU2oYFxQAkAVt7tAho8pqMPr5v7p0Eh6bUE-kGeZpQ_0FO-rXwSf52WPfKMBBfVhZ-hSyIVkoAzp7xDqiW2HAYDFzSAMGv6UyrKnWhNZB0vzUIiBoE4-OOC0w00ejO6YjqnWEqsKWjAU7dJX3qCa88_32AA9wbrs8i9aNuFlzDfomtdQhBKBgtj8Z7TBXCqs4zDXkTYWfkko0VHDvZzBSE-Io9wxdCCcEpbcB9t5PTHxaraaRI3ZP6x-SVNXotcEl2yoGHg-sn6vuiLUvs1-dvOCNo6OqYnu8rW4y4mHX2OXnPlo_l1x3uqF_eZT4igk9p3ECoo5neV1g_A0pTsr2TX8Oa3Gjf4lMCBMw-PRtbz4t9RqaQbAnljbFO0K8RQVekRFDk8oQoYTlm5gomzGtZ0_AlqfdLUGaR7sZPM5hiDsAMQjc9slEDtHhM0LBJYikgDCHdoHNL7YQAY-8bjUaRjpLoHAae2AY6z5vjKsd4nmFzuFT3lTzYkuEdMP2QWTgW8QHcO5xo3U1rFZLJ8I-yy8FU31mnH1oov9-bJV7fLdL9iubk1MV65Vj96gbxx5tYpWAeDVKbdaedQkwNEYmdx0mwm7JkNfAW1x_HEbCcUepxskYFq3LrRRyFHv_iID_1K1964ArEovKFKnrDo_1QpZbcGA5DrsipYVI4UlNI1gBSjsikG4f3FS9LYHnVvoTZngrQjpY-igvixwL0UFv7tDL1wLCwk6-36BHT8Kp9iLcJZVPXmtc9shcvwUDaW4poLAa41nKLDUtkbyckzEJLwK6f8LMbq6fKCOSS7qjNF0kxWLKIXgOYn_tcWnA5VdzI7JdAnjNDV_-BFgFjBEt0EvzYmkCTjh-hbRC4NehHolOaSFZhXZrApUsJ7zIVoRm0ZQbexo8Dx6Tati07Cu6MPhoiotwzgSAd29Frue6kjTctgDjMYWryzlFqVZDGvfX5zf7nOSTkVtvm-j9Qu5lk4wvC9Gad9SdBJcsfN-Ax_kKIrhEswsVoyzJaa1HCkp0D2Gf72IMmKDWjuXO697XIe_JpeB3_Ih0QNCm4DsU1mIRO1dsG-LPBE3JviBIN-jQkQIJvHUUDJR-9OSsh-6kXsXn7xT3C_EDCJP1GulqmKHZTCSacteCoI3Nc4fc28zjdng&sai=AMfl-YSOGQCsW8mKJUR8cRujmP7_uoFLbPi0--TzgvMklL3STus5JTCjAyzoCYpZbsBoMGz6rPWVyz7qKUnHBkXH8v0REUatoGyTcteeVHrRFCymKZ4lhy-vS78VBiPW5LvduEfjEs_JShiyb303D0c1y56EGDb1upUf41kbN5hFJGbb_p6jf35Vbfqgm2JdtWX7pAVNI2XtaLMZ_VHENpqSH3ul3_kSLDwgv76CcoFIHeSCWm5yC1HCwc2uAtQAmNLqikiaBZpf-QdRR84pyYB0cHStm9jVZONeyMjQ&sig=Cg0ArKJSzHiNQe6ULe5lEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230627.00804&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 30 Jun 2023 15:12:03 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:12:03 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3AE3 41 KB
15 KB 44ms
36ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 510392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 17:25:31 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5E26 34 KB
10 KB 43ms
43ms Script
text/html 104.102.111.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.111.7 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-111-7.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 40ed6544f8fbd27415b19c458bf043cc143f0d15ad1e5adb175b90c74b9849ad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:12:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Jun 2023 01:38:20 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37584
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 01 Jul 2023 01:38:27 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame FB5A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=6b724462-72fa-46ba-9c10-3c9c030bc1d5&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
353 B

59ms
50ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=6b724462-72fa-46ba-9c10-3c9c030bc1d5&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 30 Jun 2023 15:12:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:03 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=6b724462-72fa-46ba-9c10-3c9c030bc1d5&dongle=0cfd&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 251

GET
H2

200

ebda
eb2.3lift.com/ Frame FB5A
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Nzg3NTE1OTYxODkxMDMyMTQyNzc%3D
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

50ms
49ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame FB5A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFnq_bpfhYnboMNwdx3YL24&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
353 B

51ms
49ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFnq_bpfhYnboMNwdx3YL24&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 30 Jun 2023 15:12:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFnq_bpfhYnboMNwdx3YL24&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FB5A
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Nzg3NTE1OTYxODkxMDMyMTQyNzc%3D

170 B
188 B

46ms
45ms

Image
image/png

142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Nzg3NTE1OTYxODkxMDMyMTQyNzc%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?

Protocol

Server

142.250.64.66 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Nzg3NTE1OTYxODkxMDMyMTQyNzc%3D
date: Fri, 30 Jun 2023 15:12:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame FB5A 0
365 B 71ms
50ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=78751596189103214277&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:03 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B430B34E742E4CA495E88331A968DBEF Ref B: NYCEDGE1317 Ref C: 2023-06-30T15:12:03Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/Wj1AckiSw2JXN9Z03g==

GET
H2

200

xuid
eb2.3lift.com/ Frame FB5A
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=78751596189103214277&gdpr=0&gdpr_consent=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=4a36156e-1601-4858-ad5c-2547b927dc07&ssp=triplelift
https://eb2.3lift.com/xuid?mid=2409&xuid=30c28880-f135-45df-9a1a-123ecbe9d4b2&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
353 B

51ms
48ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=30c28880-f135-45df-9a1a-123ecbe9d4b2&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 30 Jun 2023 15:12:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=2409&xuid=30c28880-f135-45df-9a1a-123ecbe9d4b2&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date: Fri, 30 Jun 2023 15:12:03 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 c.gif
c.bing.com/ Frame FB5A 42 B
669 B 146ms
51ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=78751596189103214277&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:02 GMT
last-modified: Tue, 06 Jun 2023 17:31:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 115ECB5AE52A4192A2B651E5ADFC616C Ref B: EWR311000108047 Ref C: 2023-06-30T15:12:03Z
etag: "7cd81bb49c98d91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame FB5A
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/78751596189103214277?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-7_pe6P9E2oRkXwVcmVX1ZFmO21lQYFG3zZvpSRsTaw--~A&dongle=0883

37 B
353 B

51ms
49ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-7_pe6P9E2oRkXwVcmVX1ZFmO21lQYFG3zZvpSRsTaw--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 30 Jun 2023 15:12:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Fri, 30 Jun 2023 15:12:03 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-7_pe6P9E2oRkXwVcmVX1ZFmO21lQYFG3zZvpSRsTaw--~A&dongle=0883
content-length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame FB5A
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
https://stags.bluekai.com/site/23178?id=fLhZKkf-F94P2UhaE5Pr&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5MZGGQWSLNNTC2...
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=fLhZKkf-F94P2UhaE5Pr

37 B
353 B

54ms
49ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=fLhZKkf-F94P2UhaE5Pr
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 30 Jun 2023 15:12:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:03 GMT
Content-Type: text/html; charset=utf-8
Location: https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=fLhZKkf-F94P2UhaE5Pr
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 115
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame FB5A
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=8780596409763565358&dongle=4d58&gdpr=0&gdpr_consent=

37 B
353 B

53ms
51ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=8780596409763565358&dongle=4d58&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 30 Jun 2023 15:12:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Fri, 30 Jun 2023 15:12:03 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.249.40; 96.9.249.40; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 32156f0c-94fa-4ac8-81e6-c4d82ab9c0e7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=8780596409763565358&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5502 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 311290cfac05b49889169444644caeea9aec5ad3a04ec2f938eee8c3ea99053b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 8964552396074085254
s0.2mdn.net/simgad/ Frame FFE2 77 KB
77 KB 122ms
119ms Image
image/jpeg 2607:f8b0:4020:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8964552396074085254

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APAsnmhvpZKDSbs-e396z5p2NwFkn_UytsuAlJRxv7Gvguqs_souunWjhf8vqsfMipdloCBxV8Qfv9914JXquGn7dJUQ&cry=1&dbm_d=AKAmf-CaQn6lTD3zwCKR7K3ahhU2OvpGp_tWISLRpSydUsQfB9CIsUad0_oFRVEBf3ffIqk8JEEn3UjH1Q271zMV5WBtov7bLsaYN9o9ptsFeq8wyezQxGa0svgYMHQHIbfWISTQ-k31_q4vCNwP1fQqAanhAJxbLjH1Aql-SG4yTy4zYNjTzfzVK-IbxdpxDcZXX1BhISTPAmIV66wO92TVzoDWRXOoUrCJvehwCKdisUZdDT--0aw0wr-aJKef2wwfQQnOfb9_ADYV12iCU3ZtBNwB8bvwD7yqsRynAdGdm_WjCAvHr3r2sdAfWxfrp2LItTOpC9gTde_JwrQ_9UxG0gVSKCE80YBSxl1ZGRVPfKrp_3u_SderI1uukTLYXmmtYS0zO9Cx5eqqtQS9_3Eqi7zJOFmPaCDBiCxo0pHSdp7qIWUOQ_JGKD2_7FJ0HiD3AZeQt-ZCaqVEXi_zMfNt0p9BvFPVUV7WvfgSLr82OdFQ6weMmj5Z47mkxy3eqRxx_8lz3VkrzrE4SbDC1sHYfBC1fsm_M_Kt1sSWFz9a7jVOnUnltdek55Ghx8Q6VWx3nL9eFJGiYtyfpZwOAGsdm8xzhJ9w-B5WtBzYxGphrKlwHTGjkOlCOF9J5ATct_uqu7KAieiOjyx5uCLGj7yEehxb4bGthld8PQxnxKE3b3AUr0seh_95b1GbjSxH0vuZxWfXACIDF3apZFtwEyVXesRXh9LwA5L6TA94krZ8pDazvsaxtH4PIfAHiBt9MJZ3bRiRy56tGASfR5mz4huBNlI9srA7eZc_BGqx5ulZkIe-GGOHP-XWVJFiXPbt1i5XuhGaohv-sH7PU31k17jN6jkwRdF2xGUI_LzsiHqnXt3yh9_NKugf_-IaVI5DDqRDB3V5L9iKNM0sCLXIGoa8sDyKpBy8T0np-hRErI_Rp7QrrxPjSuhlU_G51PkyRUx93RAVL0uokSJrBRi1czohoiNaV29IckhjkA9X365FM_PJ2OeY2AMhMnaUe1ez0PcDZ3X1Ugh7nXWfwEMLaM_DfcYzWBSQwcNbfs7xscPkkoqO8I6Qew6hHtTnfNFq-RUHZnXocrXIpeXeVpZBlYm-TiSD8kSxB7QMUPcwXVMKt-Ev6LhUfFUVZHsiiMuGIYaJvNLgOFAgSbqi2BLkN5XQP365KmoO88OlpUeBZX1ONCyYgfcoe4EbRJMFLpqQcN_-I44xGfEpnISgsZ2albcvumDEMWLMU0JPGtNxsx6kt1W7ZasIpPtp85p8-etJX9HPoKxiNZNaMaezCvyrcOTbZSF1tzCzbJt9UEStPEBlVa9NjGWnCZ3ovP6hGY7Am_fj8B1uYbPKUyXqXkgOl_ELPQOaSBikI6NJ-ORfVaatI-lMIH8vfVzskkV1bNhAkftEPU1P3vDkVFg5CqlNBx4Znrw-hrU6W-2f-d0huJ5U2hIJyOIKi2O9jxZ3smbwpJvWw4DueCcNB664rDW-w3kETUaaflHPoeWr1HbL4NzKQ1A0BW0ZMn1fAXOzNBvrIhiPzCKk1fNNQEc7TtWv06iMtnPwcieh1W2sc0Fhjw2q_Z7qqcNNkAOZcseji3E07M8BrFivXKGSzF8lcqeuM8Y7PU_oc4pKtEBRF0UcS-0Aq1c3dbSnofMHQYADHX4G831V5nnDSdPqqQlS2qSpqkGgFW_GFuxIrpvC40KSZUtpeMQRwlWqN7q9Yi8XVVkXAeFQaJWHppj7xGIHn0SVZ4-Y6GFFhSjW3v5muVLV6fBv-2MN1H5gSnEPNkUG61qB_KVKthFsPN05FiyjXzOvh7jWO9ScfTgHiWU35VtR21kr1dhQWsmi8rLAP-KTBc68vwWBhH6ic6HJc8wHgvIS7vwXEVHOwKlFcTx9Uw_1ykY-ot7EWUU5Sq0yAYrKBWUODr-BOPBvT9cp0fPRcw1mgu3-Dxd1VvaFVhFnuLSYZkObgZElOOtVAEHZzRXnEAzZA2kr6N53sdi6ttu_fLj9uGNp2ffW89JGwn4Nvp7UkPTUMGGHi115P1lYXuRWIoUxakabr-nPs0Lr0w81ze5oiI8mjNSUbR_sy8QNWYeXyNca8CkCx-4GuYWDi8GpQihXqsI3Cj766DGfsZuD5h-t_cFNoJ0xKaM2gcOKFE4JOCzBnyFagt5A4GygrzRt0QNYyL5dF8pYQCfozlYD2BPc-t3fDMcXS3SlEuLbl5HBQewy-b1mX5Ncd_CmtKIn3hzCsmMVzd06ECkke8yu09zL3pTaqI26NX2V1AFi0BpslMnyF1xX7q3Qpkow-uMw1EsSVlF0cJ4ENV-MYMk7GmjAhYkxblSQvDowEk2JYxBhuruRJJba3mlV0jGQ5kGuuD3m89tgyKQmujJsETCvqJlVmuLIfKshwo4v2HZK5eYf1zRt95SSL3GlHr_JLRneU0CQWUvKk6xiNfEnZc1pvcGiFX03fEE1oOW3bmdYYxkyTU8sPuZ23iqUE937XDqhMV0nickZ1GNqsIYZIRtyiLVEcBOO4JyT0RnfCVYkiUSHg5VKMjZZ2wFM0Y8AGeNOtSHpiMKxWKNJ-zjWyyQaHf_AT_w6dGsj2xMJNvvJxHMqWxf8p3lmRmT7ifCOT08CJqGPj2Z9cpm1XSKvyPFaWc05YHQ8ac2huoZVmwRumBl4xyawaTAEM01IMYoYmdLyDEd7XGzPpaod7PpF2ev4dXpgmc1qFZQqyw963cYXnwfuTz2vCmVIIyKUJKXdGMWr6TzPp1_9BXjTVH5PTAtRzd_CjKHilICVPTAkHUNDd4tnFXbnMG-MkJl7o-4S_ZPyXo2rHl3O3zQE8JX4yV391s_G2sKQjNluEcKdRmyY0kqGgYntfj36n5IAlYSUBJM56uKZOR6jtB8FVxf7uTDY6ub4Pz1N21EKh3bo9qJmFfcV0py-O6iAhrqfpnd1QR3-8hPo7zv97Dc48xozyLGjO-HhF1uNZngpbQyvZORhA3lZ0-P4CaKqvk-iZ3XD5vsNTUqPa9ZLLmOsodh8o5W2msbfR-DuKdqbjmXlAdJSYdlYnEpPXHCLwgIp32Fgr9lT7TWzzBxEZ-KE_3gW1Rup_rJNqQuHNBXtaq8vATAXbs9-Ya9g-6H0OCOzNiRy_714-1nGCknKaBG-3CHr3ccstouvTvndShWPbXMk6trbdISP_AwTYF6qfRXk3LSFsnslYFNkWub9GgkKXAskAoEVGUBFDWvtbX1AO9sFwxx6hgFWWaXNvxpFmVhAAftQG9J-4uFN43xrReR5zVqrxXQUcMz1oCVgbo7WY8X8J4V9hjV006lxD3sfYXSvuvLkZqmqRxB_3btoFswpMgsLzSyBaZD3jFR0467rl0uvx8PdP3hulMlA7kVs7nKWqH0qqztfBBUwnmIH8p7M4e9Ybm8dK4K3gD_InlIqs3AFebk3GQXDpHWcCMo6Hz1c9I2Cti5cpx5F4Wm6sOYEUvyaCNBWcmaulLjMxI6QnNRbNeWpFuJKuj-0n3eAimjkX11-2ajCQTA76lAkdZ44nzZd&cid=CAQSTABygQiD-f6B86V-berF-lygsRP9mMcV6coNiSuzI0ADf3Aq6AS9Gm04pkNbjaH1Zk-t7F_fJ-CLbAlxO-dKFxvhePHn01QnI3PiD1oYAQ&dv3_ver=m202301230201&rfl=http%3A%2F%2Fcrescent-star.jugem.jp%2F&ds=l&xdt=1&iif=1&cor=3162322353430363000&adk=1851774823&idt=294&cac=0&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3f8078ecd19b711cbfce00fbaf71e209ebf0d3b8723d99428a3df257c4f6695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 23:02:47 GMT
x-content-type-options: nosniff
age: 576556
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78536
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 16:26:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jun 2024 23:02:47 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame FFE2 30 KB
11 KB 32ms
29ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 18:58:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame FFE2 11 KB
4 KB 33ms
31ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 18:58:13 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FFE2 0
0 77ms
76ms Fetch
image/gif 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuQmsUdBJtzHTiMNAcogoMth6PhBGwnv1eJf1BeLNm4h6yOYb66n6wl4rVnmMTdpdXd0uuJL5t4GvFhHGrj41h2IlIYXLw04X1BCq_ZmOH-QvHo-p-r6xEoEWqrmFXilXfwyky9zF4uD-l9WNKEr5PicwvikCoEVZmdCVr8LujjU25ZmuNbhGBFRMpS2ptza3K0UB8d9SKHRqKiYcACe6bJUAwmhXQbcRmavoiOgiIp0O-HSVZtc4V2QQ-Q1fiAorpUaNZXExLlEAMrxeWQcd8omjCJxQGbHBCs8cp51ezwV8FMxT8JUFOb125i9zNOcYcYyvATo387WVAPSRoZs8uoSjzRd9EJuudomiJvnnr8mlG-VemnEH-cW51JM18Vyst0mk9WtRh43A1_MHs4DuINzNaIMxXh2RoD25ugeEoAJFbuDOHp4DGC--vMI7NM7pDmnAEKTmDUosSluOMB6zoUKK7ih6xDI1XJHLfrUEDF96sJWCYX9S8sWGSux_bt3AbqaRrXtl5qBTg_OrvP6AJyHzwjFNFWyHBP6Vmuwo31EKBwYf4YmImYKRKA8eTxlskBj44-hBXNhZFSQTSSDEsHlasOGJPXsviKoWO2YJ0Uh47JrfW__d93VL5dlUEYpaCHgiX2_fRC__6EETNp84iBYTqOeDTvTrGmXnkNJUWSLkjSLOaHMfh2SbElvfOTu_64USsPM5k9O9Cm6cBGy7qEpGwMCt8NsFa5c1VS_6jrEfdNwX-RmOxAxmggxkFKXc9oIWLR6BcjqOOBsY_IGI9A5a-ceApKVQLqjE1T4HJmphgXubt1qy86zKIMqNmvtStQURlkAMURh3rXMWBxgIxEznywaYFMooXebT6B7ITMkRT7J1yQ4CVI2hFqcBaCGjc3YxUDHqwQLDFe2RIW5e77AebUIEOERY655DCI34t6PiP-l-JwtVnNfPyCfX8WmBH_iF-lpoNaVishsPBiN-5f7PfNKCoaJ_ETSkjGqBsFREjIYom0XC8EyT_-rqBBEp3rI_s08lYPLL0JkGbeNepe4NzCKvAknxreks1JtSVfzs3M7_O15M0J5snBI99Quu05EaYsznrwdSsMrXIYZ2VYGOvApVtgFLesr6hTiET3bUiONaIbXAoH3PSYnGgmo64SO3Mjo4uwUxRPPCht4_T8NmxXNXIAbNzvGutdK1dVvByDEjJiuqB7h_3ckQoG_3UiXLEQFlHDp6sg3B7xkSaiEM9atU2WPTAP8mI29ehcmhplwoVuhe1XhzbkcuaXoqXP0A&sai=AMfl-YTkHTToy1pWzwLZGPA03T2-EVuJDLO408GWEksHB7eiTKIGcGKW2qtx9a8J5gqdwo82FfII7FHPmneOvmdBD__Gu5xqr46HWSgedg9Z4YbejNl3-R2bTiiiqDp03X_lKQY8l16JFdVw3GMpgjHWNocxsHIIkpIVzhedmyuj0Z3mdicOXjb0rCeDjkmNcq_-BS-ZWPibzUjpoUzp2DJDYQb4AxN969AaATrkfFNio-r7LoIwilPm92sBTqIec0FWjSaGlV0KnTiT2ld50-vzFe_KqZXdO6Z3Jyu2&sig=Cg0ArKJSzLjKywGvIQmfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230627.50228&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 30 Jun 2023 15:12:03 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:12:03 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FFE2 41 KB
15 KB 31ms
31ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 510392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 17:25:31 GMT

GET
H2 200 8964552396074085254
s0.2mdn.net/simgad/ Frame F099 77 KB
77 KB 121ms
119ms Image
image/jpeg 2607:f8b0:4020:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8964552396074085254

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQEkKeoSZCzWVLjCvkWH9SkqCYl7RntqGR1SC_mAsYXJRGuk81tifkYvzRIJA6lH9xtDmYxbBuScBY7S0XsLD2hJi69Q&cry=1&dbm_d=AKAmf-A44NiBtSX6NtUWcRCBbz6HfQQk1iROvx0QTU_kJ167FS1ROjRHJ9R4iMb8s23CKMe8X2YArZythtLl0zh9QmHoC5Y1F2AblLSi8kxUt9XSbR2_21i9Vo0p0PI-_LQzASfpuLx98-Dflsr6oeQjXJTlS0cymNjgzffybuJ3CpeErOK_M8z8h49wFcTZjFDoCRBmQ9KCP15xAxnwaxnW8HZ8IFHpLJSNCCj4yWRC6THjyxXgEBRDRLQTQx6avTLTy4RUdF2uVw-psBp6LOSgh6TUVft9qhp8zQG4NnZZ590ahttIVPmgwFxE_npp1wK9EulRZnLQHlS3V-IxW1soAQQSuDd7i9VMl3MIrFtZjrJuKOuoJq0CJTRmdpLQDE-HdytNQv0JceoO45ITGUfObxDaMzUwJgEOBeToun30xbIc37f_X2WzlKK3P9lxGekbVRNRWMKVLxLUAvPuuszI_GE8icfxOEVjlKo4nAhLLGCL1ZxhZqAVuEWVlzYrIBbaaK2ZJn8xu5yZW6jf3I5pcPWrtNCUaeyvy7g8ACC9tc2LnWt5oehXLW-QD-0VNybpERYZKcNoP-7YF_D6x3S-Qu3lPXGYYALDtO_IeUGtHhEk_oTt8nX_NnrSJisVVZnP5v09mV_eGLIlngCtW85E-FBz3kATlmKBiHTq_aLIi7pqRaei0BGa6-gwu5DwQIFaRVZ5MYIO93jRsXH9fLfn48AvB5KJ-4jOZ2oGUeWIrA8RkZ6eVDzPbiskRW7JESO1x9lIacP5zIM2L_337HGBPjHpTXz8OrfjJ1UCSS9HT5kZpxYdbd7w3o7c0upp3JX3Yp3ZytABFGCL_Qty-4tmtOUFTMWa5dujPDK70w53AhJX4YZpXLsrdl_BDVrJXw0ncsMXoQgeUGdemE3tBqyvlON6EGKDjXY_jZu-Z__lnaTPLCWERz1sJU2WjSq-poHgq4PccVvD70FdyCvtkioZr8CEj9kE2ngfOD9TCwFjZMiHzPCtE1Xll1A4gXFPPpq0ywPjkkq_UcLrZZnzlqMB3d4tgCM1c-kl-VRQ6AiR4mdAIzSTIacPzYP5F2oO1Kl7N8IUoAdnTfO1SRztOR8NjYUBSfAS-DzbVvTWkmjmVyNjnjjuGHyhbv4_1URV1AU2ixKo7oAPnVW8zEjb9bHFB4tmfmBdNFg7nsVaVW8mXVz0H5Qy_zPlprfEaWwbCfeVctpk8nqR0NO068kdg-PjYkOIf2E4JXgvKEeM04G9ZiJmwUvEEvVjNQjpx2g9FyMlkp_bBhB4bMxfe7l0EyQHLBSK19MbULuFPgOmCE5iNUbT7B9LGO17giv0C3RhQo0O2QaUzXj93__O_jzivg_gJU-gmBnC12kNmoVIkFPFEGOagqsQgKC3pPBSNVtUtuVxNKjX_6197SjBSqDMK5N45xw2vAM4I0pPC9_MJ_6Ynp-qado740SBJP3x6M_M5r2ECbO8LH8skdX-Lyr22O_RLLdn-CgN-Wyu6bnN2rq6rP2vtghTSGrMolDVlRejPbRBTA5VO0YlsNmTK3WUJEb7kpcrydd26JtGDaPrjM8IDj8vhJj6qs-d4eSCMsr0w5R6G7DSx9q59KiEPrvMk53Pqf7P88NIQJlxSLxKThG76xRRZ2InNCyQqQRubvBGc5mPrgNagkZV6St20iztigKHJSg4aw7sP7XOyZuTQ0FKzrLjN0n2yasnuW_bQE-UAKXJBsnPxyek9TiNm7UdKd98Hc3SKWnLuvyTU8jF2cahxgE4f8wlSdFEjTHxo9qmcvnKcjau9SxDgF_qnzny8NrQ0e46sBDel3G4lhjDoBVc7cYnpg7rH8Z923vQGJ0F0c-oDo38LVHtytk3CK1UNVQBUVlYFUOjNPYIigG_Rs3DNi9Y2ZM8NzasiK4uPSc7WVLqGpPwo7F5J4noPrWl_F0yWQJhTAiVsZ0Y7PgOXygEj0YytUhJ7ah3ohAH23-goEmVt9XOP1e1_Pk495h_A2yMlhyuMosSYUKADiXem1CLoMSNfElyuRhA43Eb9669ALBhMtuVo9Ug1FM2Mi7Su2FFZTvCw3Wz_tybT4t3RuCI9hDZk8l83F-L45s7e-1rJd2S6PGtTyFXnZDdb3hHXKLnrxIoudF-jfR6v6HlqaKEIbJYfiuL8Qc9totdyymQMci8ABIGo9Kx6VNJIZMHQOT4_4Umcum6Qfa1R1QtSq35-ySxW53ZgUhLpW1OG9uXgr5z5bcGAfBe2DuMFYSO-n-kI8sADcaOWtgiNo9CL7Rp9u2WNjZQefwa3y48bmtwlIiSlxVsTHHMvPPTvGNEqfzvEzgdRexubtditWl_ac4cyd0k0snEaNUsZvIV6tHM1ufi4GxcQO1lfLdhBMpjykYikeEklYfvTQYGqRrDG6ox6DIV2B5PbT_sZ05DAW2oAByaGOVPppowopEV3XTP4-qyE-a0In5_0Y7m5I_6gsGpD-V-6XYllmSQsZSTAsJKYAy3canPC8oSr2Vw1IvknLFqLWfzzK-AWjCAM_PlQOL7Dr4kAUqfhGzNxQwKNRZT4d6q6m8tRuoAf41jd5BhB1jhT4bRweOuwGoCYMCZhMWpi7PgEmghOhrHgeV6XpgMmlzYPv2qqs7O20NiJMFNrMD5j5yzJuI7xl9H9RUZFK5kvhsM2-nLqL-qz7doVoxMJX76sgvCbT4FTCIbGMMwpJTJJkCJtWBNx47QbG-c2DTMYoBtmQSOUkE56uEaMkCHC-TuyYWUY4brhBMaA_PCKPxogQFRAQPYlhbuFe5LkylWcsaDpegpqMjFcT3YTkAEpk064aRIIy6V_YBEXVmT5TYdX9I9IuH6CC0r1riHLgsVYs7X7ihQqnO2RQK4ExTuUhMDgVv22PNkBRCUoVynzKMT29cKJKmImJ7sTGWYN-VDktTOhMS22afhfq_xeAAwV34TTKZYhDdQQ4EQyI9Wz7sb7M0AojPD26FGdvP4rwZxNYAoORXdGJ5jQJ1miB0J1IOkD8o109Z7bgnoZXTIbkjo8RRrH3kPMvAXeDIajkgJWFf1jv2m1C4lHR0VWmosT-189zQ4XChraBdCoWJUHe7op-YR-UeywdedtnRkSu0TGIf7hDTd5MmdvPztdea3cQW_WcFOw2Ggt5jI6FdI8hqAe_PZkjUELvh4LPvKe0clxbgn2zHeNhmGHOqpt1FIuHAK3swoqk712sip4z-h2vENBgn375J0vYIDYqHUJeCEXPzL2Yfs9Xawqm-I_RsvqzQynzEvbJ_xXjOvMQFTgRPuw2hDkMtCOoH8mhrXp5Py8MRwurMtmG1b7n84hkqMeAEW9tTsNqwor4Es69J8_Q_8h7OLtWuFuKOOyWHvl6e-jWnouZiumGApsasrl9XWluWiZnymNSwfEYCeRyddyYTOuYGJYSS4Tn02cVPrgWAUk6ipWqew23uCZm36f7dKwLKSgUVWiYOjC2ZahNRdlzKFac210eEppwYMdn3V65c9WMTINj0TYCbdRH96E7FZEaD7XZQ4QA-e&cid=CAQSTABygQiD-f6B86V-berF-lygsRP9mMcV6coNiSuzI0ADf3Aq6AS9Gm04pkNbjaH1Zk-t7F_fJ-CLbAlxO-dKFxvhePHn01QnI3PiD1oYAQ&dv3_ver=m202301230201&rfl=http%3A%2F%2Fcrescent-star.jugem.jp%2F&ds=l&xdt=1&iif=1&cor=13870621896178086000&adk=238596429&idt=126&cac=0&dtd=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3f8078ecd19b711cbfce00fbaf71e209ebf0d3b8723d99428a3df257c4f6695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 23:02:47 GMT
x-content-type-options: nosniff
age: 576556
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78536
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 16:26:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jun 2024 23:02:47 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame F099 30 KB
11 KB 38ms
36ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 18:58:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame F099 11 KB
4 KB 47ms
45ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 18:58:13 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F099 0
0 90ms
89ms Fetch
image/gif 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstIoXM0eWeGrpe9dxd9Z9sTdYSCxHEgvYINBIBM1CwO1dIsmByrRO1K9b-kJytIF0n49y9bNMuNGQp1RmOw1BdyuCYHri43LoCFtFZjmKnAmv_Bhmvt1gMZg8gVeeVl9rXbxA2KkK8VQ3MZ4i_jBILHuLn61XDtNKyNroq0lAAVBa0VH_yBI5X716HDqbuvwXpRyTpl71mh7QJBdEKuLXsaYGbTvszH8Eii1kCDpso8h3oB86tg87fJ_kiPf_wNaW6CCWNf5qnU3PbhS6FL3SYj2Ulx3hgpfl8rg9Cbg8F54z00WH3RrfyfMLC8JT2YX3JqiFMJp4JmdOYNmvB74i4l7qutjnrGAo6V_-XjaOtAITp1h_4zyj0DiXY5oF-mwW7xH3KkFqKkJaYSjxaYFmCp7YO7tcX-o_gnvRbYlq2y_HE6AuCvZ0oJqrf3AX3gqf2bagQ6f1LvbxdC1p-879ZSfwU4mF6wKoPPoP6HzOmMU-gVO5m7Z3tYV4VDU92klS1xf_NZChm90NnTqsSYdeS4kPkGkR3mI50Ti0icEZz34uVnDFPEui-1WBDabZgZlPhtMty9wi0laXRo6ZxQsfzDTEeCW_bP-5YZ3ni7-NfQvt9SsMjPA6slqYluAZ64OqK4F884PpicPdVy7obevAa4DI0Vg7I8wVo0WiChzyCAM0c6bmRO4kRyfI3rBfVarDIkh9EqNTgyqjPeBT13VgwCLg8Yt_1AwzlNG51EghojKg-oujoCgMjz5YtJIjZUu3uEOh58b4HzEeXhjRHnbB0nbmyeOLWefi_S7yqqny51G_5jDLnrHflZ3B2yg2piVaezAaJluF4iTdlvBxhCb7RX1bOsufCKp3Hz6mSdcaL-VYhfBSRzbv0gd7oNXQv68lkLsu5yZJB2fi63ySmRUFEqAMF4aa4fH2rSkHomXRiK8EGyBNmMLkMLkmAd0i3cRrYzHdS9ZBX-EEXTDIfNIbkhgFWHYD80R_TRWVFxgMkK8FFX1chpkoF-JekDx_Q6y5-XKTQrKCzPJ_TwvNQoL43QPfFBrZY9R4s-br2ywGE-6BT_AxNUVnH61jjUp-fO2LmQr4YyOOL4pV_oWOwj4Bdo4aHIGB_IpjQ_n7lKFkmb3SIa4a4gKcfKBHhxTv0b0WLg6gUq6R6SPlOrOSwJq0ujoWHapk9L2ZeJDKPQvNlZGpifObP0GI0u0gHM25unCFwtUPAkRM40kHe2IVwh8SsJjVrmjFM35csgWh0ysnCWfyq0M0qmwqBDHcwIIDerW5uSpA&sai=AMfl-YRI5J6Nr9w-eBPwv0tpCyvw-15VT-wUbPAMDEVL57capMTCFl6e7ilradNKfVbT9UQ7VNdU3rIDsn3OYJBNbTMa1qnAfZ7LqZpdvxOufw3pBhaBtmOm2u7BzkQVOm-jGhGtahrnvrfiBkzQMrMrcL6rAWuNfPkhVKHa6sam62v8fme_ZoctbZ6LyaXXrUis0jCIuwWGfZ7bEcvTjXZBjLCwu-q1kgr5VOL5k_rqPaRxsG3g1sqf4__4py_CpUNz-qepVws-IyyAulkV8sStMLbVsY8rrs1cGx1f&sig=Cg0ArKJSzAS8bzif7SduEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230627.67808&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 30 Jun 2023 15:12:03 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:12:03 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F099 41 KB
15 KB 38ms
37ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 510392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 17:25:31 GMT

GET
H2 200 8964552396074085254
s0.2mdn.net/simgad/ Frame E00B 77 KB
77 KB 120ms
120ms Image
image/jpeg 2607:f8b0:4020:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8964552396074085254

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3ziGrHQhCwLJQC91YCW53USpyprA0yTbhNPwi2ucE68I8dxBX2VMWgjMsxrRDs6Uee3a0r0L5l-T8g85iN5_fuRrvmQ&cry=1&dbm_d=AKAmf-AYNQYG8IYcy47bgFlIF8GuFD1Y4ew391S2TD6Ds49g-PZ6lYsFLNGvESwYrFwhU1F-LVNKhh3NjDqx39NlgzUR8jEu2Iesdlnv4MV3u-9Y203ub13c3SwJiF43R1n7tbWgwqu8V5UyRvExrseY1O94Iw3dauLry-_18wIqkhQ71LKG6ZXKvdtqrfplzoq0v0Wg7KJQV7-5GnDgjwYGJb0MsLtdaDwP4H8PAeHI3fRhMYKP4b8YTEJzJs7NE7Dpj_whoTTZD_8jRshuYwF2GMIh7wRBTlkf68cq4J9n2deobEiZyoclGlhHs2kmj-_aovVJHfbUvT6MEa4NLfaDhI5qd0zEmTPzqyHP69754Bb0lEOih8Zw7ekSyYBRruoDgQrTr2wE_wv9eEvCur1oSKRub91Ng68y9KWth5wFLXVlPmNtPqP0iE5JJf4BGueCsg-NdpxnFtqa1lbU1k7VZuvI0GOQgoLxvbuM_qcjI3HX9CPD4iokXTP6-tuf_lTZv6QOw08aa1Rh5X8h0TrtRkOtDNSUIDiQjf6FNC7eLjg50RHVCXEeEZU0wMnRjBtLxD4W2R0Tf9X7rDc-QZ2PFysGbMwl7LZi-eUqEczfRIIRidNeOmqz_o9FzjCOC-xlQfBiTdqobIkjUQkQtTxjth4oQ714AoxmghfavLiDiYAS1yBY9ZR8Vo-dO6nNeandYko4YcDkR6yd8862_uvGrDtR9JMNwDzwPmbdzOfmoa0y82ZcmWu6AFdeoEztPIdjUnCW2t8iF02XbJkc3xgcI3R7mSnKJcGOBjq6szT6CJQggYQ8BGrLaxNEUAjSRCWWD9KGg7p_yaVoCEkK4NWrHJoLrAoaBWovHXr9W7L_SZ6yRqDbRbaWeov5g3tJE-Gyd2uZi5-nvFXe_8me5rdmowjmk9U2tlniKLhSmZbtv0l4roUjBSvB28Y7NU7gafxTy6iXYI9TvDeRQCbXeYPRyEdV5q14foAkKFzSVQSnUfA9jwRy4aVeIYSTR08TrluUysQ-XNZcR_iHVD__qV8rHYXfHU7zsQlq0BlTI4BEt1QfPj8E00OQ52otQTFZZjWbXMKpSa13g8aLOutC8eBAJLdHpCFi7Tjb3DJTUc_63KfA10HQqVupoz94bfzZf3nXZUxTGSwrai-EhXNuWdDkFiJ5oQM2uJFJFnunck_CcRYNIAQtNVMMy7ua_aMvB8A3VZ41P1wIy7eL-HpMh2gTTjtYTyUztA6DXEOKnG3pRTBHdtDlVUBmmB8enKoF5rHEw7-DOCrPa4tVMsOX5wso_xUWl8R3dPk_7OtryLA65t4VFzTxUtapk3Rb1wEOaIJCJIRavf31lZDWTmlW6g2vmbqIYNXOdR56vlBsKJi1IyjJUC2mXytAMHGlckZ1vtCkxsdjQW5ec1yOd8zKOYP7-zjItfbodTpQ2s7TygumtjKs2b04XFmi3E22jhciJni7kBv_S52xQsZi4i6BLlH29y90rJTv_1QxOGoQ10knhplXLlbGeDsEWMi3CzdaStLztqtAIRzuDjs-LnQFtot5UHSpySlO37JkWparzvUFt2iu2p9HF6hOUflJJifrLuqOX21qe2wF5Z6DWr2ROtLaf8qInOfpXh_5814pUZcJXBlpqcgD4PUjyVze-vMB_Bpr3ISQIZIdjxjW3vfjjA1lOKdKuUR1WpBRyeoRiOtfWZwNXYN5jThUgoOP-7w79ehf0Dyu6hPDa4SIiKrqiCNL1ViYtSsaojyyZ3qgs9MJRLxixjYgoBFN6HAJrEa_uO11KyhSMGojukJOeTY1U5nM1NURMvzsrpvJEeX99XYEMqliJ_zcHiv8saJVENQS9lehZcXrTFiAnPZaiPA2Wd86ogAQMDW7PJ4KFbqIwrPkpUUjToR2uY2VLmijzizGjbrpAMRvY5O0kjrOQnmwk-iP5_y1yFimx3eXqJSCIc6kHlGFHeUFFR1mJCM4xe6UkIohxc4rbm_zd9074NbhsMip_Zo6QTb8wyff9lB37LAnqeSKwLBEZkBX09t6dOVniNkNRJEx_0MMgVTnyhhiw26UO9gucJLeve26ibY1NhI393ce5oJT_XHwdssmjsBRRbJfKx_ZcAsZu_BxOF942vflmEPbkPZxEIvy-gOXOnQ1eUzx6T8K9pgt6qs9K5NcyO3hWa4MHOXFnago7NvLtarDPRw8EhLUTaZgjYts16pU09itXJdWaEOtcHx3AVfR83Nrg4NMaaa8B3bbs7ZbUDn1a4RtdRt41d5-kZUq5k-aexfqYuCVHYLOh_MZ2Hs-nbrNzbbvrEiHc3LNRLsnAq8bP2ZnERQjmm8zQU5lk3Mbsan0ouhagxHJRoORCdKTc7UNJDj4cNpeYQcUv_gjkwvZeQAMQXrcaAN5AjbwzdEsoQJo9aBk-Wfs88Oiy2x7XzKPeDwtCdHycDju3D8libv2yySpyH7GWIA3POdtOKpRKIuZrkmdnTVbwyPEfRQEM0m2UXTDSJ0Z_B3HNtcRzPryoq1VLc04UecPfDcABigwEHsU-UeTAp5FkndKg9bO-ucTSwC1DHy2nfMJ3O8OSMLGqlW6AE6Lh_WttxFXexvfFWtP2SqRRusgxx4SEBeXVmVP-zhS77eN6-asIQE4JAh0ViPHT92Ht_66TikvdiREHhiSkuZreEiOvxb2ZZTOIq3VOdfsjqcEmCBCILUkKg9xT1LwYwRXeB_jIHXcoenAwRmqJXfnF2hcP1wVC-OG9Z-ZYDc8ey5vK9Ey_Cl_C_0ctk3NpAFHDbRsAB45snw151IJFrD6VU7yTq1lSN-JPKb1rLbeWNrLkqRi6IzsO5P4tmw8-mVvanJ4Jh9_xvUZIDAMm5UL-oDdn4o0FDrsPeZ_HgfyIugfiTL-TreewhiAV6eW4Uc3RfqJ6HB81DE0OAS3F2rvqRUJfh4stmQ--0Rq9xic0C9b8atKn87EJH1AIqJa2k2KktKq8i0Al1OLP2zxV-ESXCEGxROf1-o3Y45ZpY9VYJbjPSqZVmSY3PtPJ8Skj6rxltQLhEBm5a5YUDCMxtmlVqsiZTaWB5ZbzXA6dtA8RZ2uIOaFDeUKHQgPDpGWX0jUxm3coG7r1oNgPxAyr9tPP5nDjWTRCCAj9LqgxZHqR2JWpytTyNehIwhqkzFbokSv4T0HLPvwIKyOWQ38gkrozNESJ0Kx1mzVmP4AWwDdC5KryZqs3dwNcNSkS2NkIqPEXuuvQFTIfcjZVmWF9EhT0ngzSDoj034ZPpd30krvsC8pflMJoD2oCW2OcihEUlmRMy0grpUkQYvuZFfeOi5xG6o9JchZDG29klXt4mR-IeeSOngmXqCpmO5yUODhiMmYxTfM1WAZlpbwxEeNKlTnwUbwCefwXRyWkmViNbwc9tC4LoxzCBoY24zUDHT8_yni5-72_Ej5PfAOErKmfJCAqPbHGcb3Nbfewm6cHpKjGT60F_MBLtfU7mC9MXG0sZO8wk4TDF0hIM3qkB4Ln1rXprv1uiWNO8lgvJ2xVrJibnUV&cid=CAQSTABygQiD-f6B86V-berF-lygsRP9mMcV6coNiSuzI0ADf3Aq6AS9Gm04pkNbjaH1Zk-t7F_fJ-CLbAlxO-dKFxvhePHn01QnI3PiD1oYAQ&dv3_ver=m202301230201&rfl=http%3A%2F%2Fcrescent-star.jugem.jp%2F&ds=l&xdt=1&iif=1&cor=5559511400978608000&adk=3564403988&idt=166&cac=0&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3f8078ecd19b711cbfce00fbaf71e209ebf0d3b8723d99428a3df257c4f6695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 23:02:47 GMT
x-content-type-options: nosniff
age: 576556
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78536
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 16:26:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jun 2024 23:02:47 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame E00B 30 KB
11 KB 51ms
51ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 18:58:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame E00B 11 KB
4 KB 52ms
52ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 18:58:13 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E00B 0
0 91ms
91ms Fetch
image/gif 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZ4K5G-DuHaoZJUq7Z2ypOLP7HKxvfHIej0id48HtdbfeCqcXkeOYGGdnE2W2rZemx79g34131_pNCw5ao7Ga0p9tv2unqhWHDncibH34R3uyqfUZAMRDVKz3TIdmGlVf4oenRlTcWw2WuzCt_bcNKAM1knH4TRt1mu-SrgL8apxS3zvxfJSn8gJBkc5D8AO_1hpQL_bTMkFBuKK_OZj9O-3redUqGMWnsBbtMR83lEBIEWmBZP0o6el94DzWvhhUfmQVQhrJjUyBIiu3-kK5x7NFYaQO534LlAuslYzlMKaviWLaxy0ZJD4kcP470xlYitcdxekyGClLkwWMizYXrWqwZf7kWhiyPd0HtvANEy_lJhLL18rp3PvWjwM1Iu7Jmz7OfyQDCDxLIg2MYUzk82sYhWWu8HR8K3JuSMuhFUMwe-KertqJ8NWNo4ibdkgsCIxJjx44frSIcNsLTeriYe9ZqFbKQ0i1Azl0zle3pzYWt9AmGQQ32FeEDfvqHsjX4BNtblX-nVlQBu_zPYtBV3MeNRRLQeuSTc8UEDEP-nv-v_7fvdMmmLuIM1xA_tasnYpspx34HsIv1d6j34-QPtetjCa50OzWk4judjTWtP6PYNmmFOdVYFRNV4xaveph08EW-hiKWs3m6kDJpvDTE_sL5iKCMwTD81ScHO-wxZ4C7jhMNWW_hrcaTjS7V9R6sK5YB9G9HXewH7DErbh_jUcGS0hhqaZOCb-kBZIDTpZbJbjLdl8J1ow_rcZA6kZzCWov4zIZBAeMmb2tsEfsz25g3RiOLjgnsLVXCFToaF_nepK6Kzt3bXlWberhp-AhlhyM_XfMKh4u4YDexFAe166q-4x-1slm1eLaWew9EPM14qr7h083u2JUno-7DTDKspgIpzOOAYE1KCmi35b0kFMhcb9chhiETEU9OSEFjBA5qwzbI1Ofb7rWV2ueJEALyd_6LX3sxNQFGIn5RoFwkKSRks042HymEK4xjvVmjw9YaRf1BXseUNHx3zu2Ly0u9HYqnF-jzTU6EuWDX3V3AqLNAYDCvvLatqjPz9uZviU07tCpaW1siSMLJIINn_o_T1GZkqC1ziu5XHVlu5CJI9avG4pG5kVDiYGSlMWSTqHlAZjdsxjJJCYwZO9Cx25HRVyzxjV7G3tlWNBkohewpMD4xn5hAtk-Nxx-3zkbOsaY8FSkcm_U6iJvUXQBn3092G02_-kOBnDn4wf4gGu3Rqiws4xzcA5uVu4J_qazsFApjWee5SXvEusE83dibAR84RA&sai=AMfl-YRcnXKB5L5D8qYR9w6FGP4adl0X2le3P3FRauBXlRFor4GzzWC9LbfWciW0wNuKBdGQd9a-wIR2glEiTdJwmu47g0t6FYpmf9-dk6f1jE55WKfCvnypMxJuHPcdpy4KGatCo5fQWrM08euDWP1KQPPFtQKYfzKEp92AbJWLn1rY3rKyUYHTmvjPoyxadD08ea-p8giYnFducrmSFRcBYbGnOWbWl0y3a24w4mYEeRuCNGs9ob5yExIJYSbdn34F6U8s0Cm6f_ma1GZDHly6xEpuk4YuxQtizajb&sig=Cg0ArKJSzEa6iV22tVR-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20230627.83808&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 30 Jun 2023 15:12:03 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:12:03 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E00B 41 KB
15 KB 45ms
45ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 510392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 17:25:31 GMT

GET
DATA 200
OK truncated
/ Frame 5BBC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f480aaa5629f3a993181a960bb14b80460209edd6ffe735a825fec0cea213d4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3AE3 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa330f12663cf886150ab30007172b960e2e0fb5201750694d1afdcc5237c449

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C7AF 2 KB
3 KB 56ms
31ms Script
text/html 8.28.7.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=20526466&p=158977&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0a40aba92b614db9dc88adb76e2bbffeaf30212420a67e1a8da456623d89d1c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 30 Jun 2023 15:12:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 134ms
40ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 30 Jun 2023 15:12:02 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 154059
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame FFE2 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4393200d109c9622f479f2e6916615f25333988e7a7b7600f466b043aff108e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
408 B 372ms
121ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

d7ba7c80ee7338748b573f9a5b2b8cdc1da818a2d717bbf50445338110d3700c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://crescent-star.jugem.jp
date: Fri, 30 Jun 2023 15:12:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame F099 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee0a493bde0f833f89ca4829404fb166b337e6b39f2607e6aca9461095d98cd1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E00B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af6129a7ec26760cb2d5ea83db0f3dc8a3390671631e1f5c695e42933501cc02

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 17D2 2 KB
2 KB 34ms
33ms Document
text/html 192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fcrescent-star.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: df021d8a4ce92e8519b4af0693cca3ff3047eee7d9be6bf140a7810324f163a8

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1727
Content-Type: text/html
Date: Fri, 30 Jun 2023 15:12:03 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CF64 0
855 B 45ms
45ms Script
text/html 68.67.179.113
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.113 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:03 GMT
AN-X-Request-Uuid: d4b2a9d7-3d9f-401d-9523-325acefe2ccf
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 96.9.249.40; 96.9.249.40; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5502 0
0 62ms
60ms Fetch
image/gif 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVSz14B_zuMD6phyxx0cqNBcB6wjdJH0MEJ9BUVKfQ31rpDrb9UB08UnBeMW7PQFKmq-hSrlwSyfMKalzGYZVxEGOZvOEWwOu4ReOk2_skmyC7FPFLnnYzJRajt-1jG8vTh9XX4CLWbyrI6ifTMxdqQrFLKRcGlVuvs0dG8BGDoB1LtVJSbchK89sGXaXND5b9BGeSGKXh3v37PTKJwUmE2FEEd2lC2_OLi9tV2JuLyx3ywfgSFVEOxFjbJshuhnVvBl9FoKSLrF3kWAPkTs17cqvrHHldTlq7JRRItT5FDt3xQbg94LolAIo0NBs2JszxYVx4s68LRwHsGh2h9EWqlfhncrY6P0-LoedAPDnbGK5YUKzrXBNcUp7r61XilSCwE9qoVyDcwYfLNkZsTQ103FytsH_1dMtjNOqK8-ng6hRPRJ4UG03LhSe_EUrKXvpSgeBYCQL0SPctzEzMMTy4sZAatZ2GcBUZzJAPD7rvHE9cEcBGKXR5uhtAOpk4NUjxAptqqf3QPHnLRktO9CgDswZZmkA4LZohfeuj642ljbEOFKchtCnRQth9uHlHqeOegTHnzW9qAXrv8vrRf6WMN64bq3-bU-ULsNbE8YcpCg139ZBJMFEDBSwvWQTC9pksQDz1YZrEJPUbJyXzBbPUDi9aXKxSZ_xCQT1UqKHEf-YismcbwUFEffJNYJjDvlbWITswSMi_NGHOfh98qhQ2zXoDEkmt8d3rbFHTYV6X_n82UHjZccj4PRzTBvIqaNhepojhkXZkYTl38BZIUrBF8RCs2uQB-Qh80U0PI85BmZobHuUDBzVquaVfKg54togTSEojYMd9p55nktqDvjBcJbWGhR6pwDbxDvRrJ1mmf4HI_MvytsFsNT8YiNNL_j30AsNdBPTWp-xHnoB4tU9dCx9WqO96gHySAX4hIInNTRUTgGAwKwBYFIHxMxeRYNaZKjYPPdP9uAOvLHfU1ASwpnG7UvieSD0gYthWGpTuKc-nH8Y4XdKp81lEiRqxMwu_kUmyslPXbOI0BocnuLUykl8GgO1e7xMl_hrc5eR2QEMCNmF6yqw_cHTWaw3jxyLHiRVi9XgMCMk5BuPWBvP_6WPtl-IIThTx99kifgNeaGHRXXpNQDQ30d1bAZPDAUT4PyoMq37segJOr6wIJWZ3VFVvzQY5PPeJN1uqtQp6nFwGdi-UAyAy97i5t4c_j8pDkjgsFI_qhKlPSimKSbB2SXsSRHBdvfbAs-JvrXYZkrydzJ9f-ODw00Nc_xqT&sai=AMfl-YSbnp3korFYKpNTsvWT1IW_EEfE70t4N33h9_1Z029IRAoqrZQluSMRDrt_UdD9_mhF_YL0V03nZ8lSfr3s0EUApxLUAvyEVptGv5uYbCEZHPoj2odGNNhbkpyLUFrjU7n_0G5MbprqQYyn4dzn0-i8J3-GtZO9xqOuL68he-O76ekmIY1MgJt7XYmZQowcY5r0BM2DabeOJqaUHe7EF7GdyM_Wq-TcOC3JveHa7yLYAmZ_yBzglm0l25UKdCDhFlYu3Efxl-8UwUi732uGfMhDjptNz5z_soaA&sig=Cg0ArKJSzFuCOeTwixYmEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=641&vt=11&dtpt=637&dett=2&cstd=0&cisv=r20230627.44096&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 15:12:03 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5BBC 0
0 61ms
57ms Fetch
image/gif 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3RyVzIRAaRAdQoHGjnErXpc9kz_MGWCZGBGHqPA7-ctxt-LEqIV122jLC59nDqZpD0ke-4thRnyYdvzmIEw7aSvP__TfrzN_Q6Pr6eOr5Ao_xl4sSJYAmWsEya8Q0Cr86FYoUxeQQV1klPlL3rbJZYhbjpN5iV-slX8Z55eUORyNB_hcj_9PUqsmqAmw35SJiJy5EB4FvISCwpvuf84YNC1KyKv3E4_o0QV35g_yMuq6bfAoh1ktS0_SOxHPGxY6uuDyWSYAU7gi6Rdzz4Pf4phcsdG3OnKKTQFQ91yyIY-dHSOZmn-aLX5XnXTP_zyp7WTrAY2eYFPMCENdSj9E9tFR1galMNP8u3aGaspoQvFoJB6tOdG3EgPcqMyk2of2_ZCWOy_WGAIMHbO_c2pX3sZjoVdcl5VXsCto3UgNWqklbkjCnHNIwD0rnFuS8OdT4nfosxpomk4BWimnAPiUDextJGXBBEeJkuotcLN2qgXvwEBAz2xl9eDtDfKIO9siz3rJONxyD575uHvaz-ktMJu3B0jfoGqCNgbvNQqS5_oqP9RQ3DDvWlm0g0m2dt802mDVU_7Pcg2H5_FjZRtolII-_rtYVR15SCs941M1AuPJXvFZ-lmIj2zPobFbvPXxIvTpyajgSLVjfInKClzips8ld6uQ6eMD2e7lO_5r2WULWwO43NS-a6lKucRacHLS6DUX4GWPSSetNkU_A3Unu5oZY5hrY8NEJRy18iOk95LwbC0uhAEJomZH-PNDjdiYBp3QlSLDNdc44DYk-tWy63i504F_Z-mHQ2gHxF7mhFmaRtoqXGtiyZCm8hugxg3aUfcTYy_EW8HPAioiviYS3EEHIAG8YCALY2GzvDv3QDwmVD0EIQhFMV_p_-wM91TFULaWpWWk2WnqBwkhVjo2iLmHyhTtIIdQVdvaIkNna1uWSlJoHu4g_cO1i3xkcVUfrAMU-W0jF0Dm40oVUXKfVGDYi8-L2jKZ0Ur3giEU4sFQq-2NIqIIFnGpCKv4HKYKFof6SgT_gI87DSC6gFT5OpewoF6gNI9UOTNiTX4Or-Gk12OosprgKHamdUVsmuPp3KhZxK94qcd-_CmYUO0CpsDz3A4Cso-Y2JeESO6NAZwVGAfyEIlbgFmOwkPKDo1BnmpV-5Mdfu01tZEDvcNg_GzKRWI37gi9jGmxqOBgNLkQehOgZLKEBXbZ__1_CCFhvujs6vDIIESItMtfUSizbhwoemUnmyhzznI0maF_C-fM6l-7QKCsXXqfkEOixin5nww&sai=AMfl-YTuyUZoJPjgck6m9O5xnQMkr1rxMmcmykoxHEZnypEttkmNh_lZE4gnXEEJneLjzoqkoIpOhmKzmCxZFZY2ky15s1MMcFQuWYltXXpuCTpYRpLL2sCQWIPu81D5X3GOT1SD5UtAyfsFXuuWc9LcThU1W_dI_Oe5m5a4aqUnVPFXQsHLG0S0L6RbB1HI8WiZ0IkMiZs5RPPDAvEOxYMloi35Ifw0r6euugAGN93pPcXvJMbmESsgsqkyTUp_R7Cy4RQDJGpFH00tyQ8EFzUYx704L_09xrcMBa_v&sig=Cg0ArKJSzM9HVRO6KxPmEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=640&vt=11&dtpt=637&dett=2&cstd=0&cisv=r20230627.32437&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 15:12:03 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3AE3 0
0 61ms
59ms Fetch
image/gif 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvX7kpvwcZ4ETEi499dfAoiCOCSwcPQQUjW5uNA63mqQizTl2R3MMUd6mve1pGsk4jHe0J4wM3L5hJQn_Iq2FBPbOjpdXkS3WhqX-LLfszz9gl9ZdMi_pMxcIXOY759nqqU2oYFxQAkAVt7tAho8pqMPr5v7p0Eh6bUE-kGeZpQ_0FO-rXwSf52WPfKMBBfVhZ-hSyIVkoAzp7xDqiW2HAYDFzSAMGv6UyrKnWhNZB0vzUIiBoE4-OOC0w00ejO6YjqnWEqsKWjAU7dJX3qCa88_32AA9wbrs8i9aNuFlzDfomtdQhBKBgtj8Z7TBXCqs4zDXkTYWfkko0VHDvZzBSE-Io9wxdCCcEpbcB9t5PTHxaraaRI3ZP6x-SVNXotcEl2yoGHg-sn6vuiLUvs1-dvOCNo6OqYnu8rW4y4mHX2OXnPlo_l1x3uqF_eZT4igk9p3ECoo5neV1g_A0pTsr2TX8Oa3Gjf4lMCBMw-PRtbz4t9RqaQbAnljbFO0K8RQVekRFDk8oQoYTlm5gomzGtZ0_AlqfdLUGaR7sZPM5hiDsAMQjc9slEDtHhM0LBJYikgDCHdoHNL7YQAY-8bjUaRjpLoHAae2AY6z5vjKsd4nmFzuFT3lTzYkuEdMP2QWTgW8QHcO5xo3U1rFZLJ8I-yy8FU31mnH1oov9-bJV7fLdL9iubk1MV65Vj96gbxx5tYpWAeDVKbdaedQkwNEYmdx0mwm7JkNfAW1x_HEbCcUepxskYFq3LrRRyFHv_iID_1K1964ArEovKFKnrDo_1QpZbcGA5DrsipYVI4UlNI1gBSjsikG4f3FS9LYHnVvoTZngrQjpY-igvixwL0UFv7tDL1wLCwk6-36BHT8Kp9iLcJZVPXmtc9shcvwUDaW4poLAa41nKLDUtkbyckzEJLwK6f8LMbq6fKCOSS7qjNF0kxWLKIXgOYn_tcWnA5VdzI7JdAnjNDV_-BFgFjBEt0EvzYmkCTjh-hbRC4NehHolOaSFZhXZrApUsJ7zIVoRm0ZQbexo8Dx6Tati07Cu6MPhoiotwzgSAd29Frue6kjTctgDjMYWryzlFqVZDGvfX5zf7nOSTkVtvm-j9Qu5lk4wvC9Gad9SdBJcsfN-Ax_kKIrhEswsVoyzJaa1HCkp0D2Gf72IMmKDWjuXO697XIe_JpeB3_Ih0QNCm4DsU1mIRO1dsG-LPBE3JviBIN-jQkQIJvHUUDJR-9OSsh-6kXsXn7xT3C_EDCJP1GulqmKHZTCSacteCoI3Nc4fc28zjdng&sai=AMfl-YSOGQCsW8mKJUR8cRujmP7_uoFLbPi0--TzgvMklL3STus5JTCjAyzoCYpZbsBoMGz6rPWVyz7qKUnHBkXH8v0REUatoGyTcteeVHrRFCymKZ4lhy-vS78VBiPW5LvduEfjEs_JShiyb303D0c1y56EGDb1upUf41kbN5hFJGbb_p6jf35Vbfqgm2JdtWX7pAVNI2XtaLMZ_VHENpqSH3ul3_kSLDwgv76CcoFIHeSCWm5yC1HCwc2uAtQAmNLqikiaBZpf-QdRR84pyYB0cHStm9jVZONeyMjQ&sig=Cg0ArKJSzHiNQe6ULe5lEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=629&vt=11&dtpt=627&dett=2&cstd=0&cisv=r20230627.00804&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 15:12:03 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FFE2 0
0 68ms
61ms Fetch
image/gif 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuQmsUdBJtzHTiMNAcogoMth6PhBGwnv1eJf1BeLNm4h6yOYb66n6wl4rVnmMTdpdXd0uuJL5t4GvFhHGrj41h2IlIYXLw04X1BCq_ZmOH-QvHo-p-r6xEoEWqrmFXilXfwyky9zF4uD-l9WNKEr5PicwvikCoEVZmdCVr8LujjU25ZmuNbhGBFRMpS2ptza3K0UB8d9SKHRqKiYcACe6bJUAwmhXQbcRmavoiOgiIp0O-HSVZtc4V2QQ-Q1fiAorpUaNZXExLlEAMrxeWQcd8omjCJxQGbHBCs8cp51ezwV8FMxT8JUFOb125i9zNOcYcYyvATo387WVAPSRoZs8uoSjzRd9EJuudomiJvnnr8mlG-VemnEH-cW51JM18Vyst0mk9WtRh43A1_MHs4DuINzNaIMxXh2RoD25ugeEoAJFbuDOHp4DGC--vMI7NM7pDmnAEKTmDUosSluOMB6zoUKK7ih6xDI1XJHLfrUEDF96sJWCYX9S8sWGSux_bt3AbqaRrXtl5qBTg_OrvP6AJyHzwjFNFWyHBP6Vmuwo31EKBwYf4YmImYKRKA8eTxlskBj44-hBXNhZFSQTSSDEsHlasOGJPXsviKoWO2YJ0Uh47JrfW__d93VL5dlUEYpaCHgiX2_fRC__6EETNp84iBYTqOeDTvTrGmXnkNJUWSLkjSLOaHMfh2SbElvfOTu_64USsPM5k9O9Cm6cBGy7qEpGwMCt8NsFa5c1VS_6jrEfdNwX-RmOxAxmggxkFKXc9oIWLR6BcjqOOBsY_IGI9A5a-ceApKVQLqjE1T4HJmphgXubt1qy86zKIMqNmvtStQURlkAMURh3rXMWBxgIxEznywaYFMooXebT6B7ITMkRT7J1yQ4CVI2hFqcBaCGjc3YxUDHqwQLDFe2RIW5e77AebUIEOERY655DCI34t6PiP-l-JwtVnNfPyCfX8WmBH_iF-lpoNaVishsPBiN-5f7PfNKCoaJ_ETSkjGqBsFREjIYom0XC8EyT_-rqBBEp3rI_s08lYPLL0JkGbeNepe4NzCKvAknxreks1JtSVfzs3M7_O15M0J5snBI99Quu05EaYsznrwdSsMrXIYZ2VYGOvApVtgFLesr6hTiET3bUiONaIbXAoH3PSYnGgmo64SO3Mjo4uwUxRPPCht4_T8NmxXNXIAbNzvGutdK1dVvByDEjJiuqB7h_3ckQoG_3UiXLEQFlHDp6sg3B7xkSaiEM9atU2WPTAP8mI29ehcmhplwoVuhe1XhzbkcuaXoqXP0A&sai=AMfl-YTkHTToy1pWzwLZGPA03T2-EVuJDLO408GWEksHB7eiTKIGcGKW2qtx9a8J5gqdwo82FfII7FHPmneOvmdBD__Gu5xqr46HWSgedg9Z4YbejNl3-R2bTiiiqDp03X_lKQY8l16JFdVw3GMpgjHWNocxsHIIkpIVzhedmyuj0Z3mdicOXjb0rCeDjkmNcq_-BS-ZWPibzUjpoUzp2DJDYQb4AxN969AaATrkfFNio-r7LoIwilPm92sBTqIec0FWjSaGlV0KnTiT2ld50-vzFe_KqZXdO6Z3Jyu2&sig=Cg0ArKJSzLjKywGvIQmfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=522&vt=11&dtpt=520&dett=2&cstd=0&cisv=r20230627.50228&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 15:12:03 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F099 0
0 60ms
59ms Fetch
image/gif 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstIoXM0eWeGrpe9dxd9Z9sTdYSCxHEgvYINBIBM1CwO1dIsmByrRO1K9b-kJytIF0n49y9bNMuNGQp1RmOw1BdyuCYHri43LoCFtFZjmKnAmv_Bhmvt1gMZg8gVeeVl9rXbxA2KkK8VQ3MZ4i_jBILHuLn61XDtNKyNroq0lAAVBa0VH_yBI5X716HDqbuvwXpRyTpl71mh7QJBdEKuLXsaYGbTvszH8Eii1kCDpso8h3oB86tg87fJ_kiPf_wNaW6CCWNf5qnU3PbhS6FL3SYj2Ulx3hgpfl8rg9Cbg8F54z00WH3RrfyfMLC8JT2YX3JqiFMJp4JmdOYNmvB74i4l7qutjnrGAo6V_-XjaOtAITp1h_4zyj0DiXY5oF-mwW7xH3KkFqKkJaYSjxaYFmCp7YO7tcX-o_gnvRbYlq2y_HE6AuCvZ0oJqrf3AX3gqf2bagQ6f1LvbxdC1p-879ZSfwU4mF6wKoPPoP6HzOmMU-gVO5m7Z3tYV4VDU92klS1xf_NZChm90NnTqsSYdeS4kPkGkR3mI50Ti0icEZz34uVnDFPEui-1WBDabZgZlPhtMty9wi0laXRo6ZxQsfzDTEeCW_bP-5YZ3ni7-NfQvt9SsMjPA6slqYluAZ64OqK4F884PpicPdVy7obevAa4DI0Vg7I8wVo0WiChzyCAM0c6bmRO4kRyfI3rBfVarDIkh9EqNTgyqjPeBT13VgwCLg8Yt_1AwzlNG51EghojKg-oujoCgMjz5YtJIjZUu3uEOh58b4HzEeXhjRHnbB0nbmyeOLWefi_S7yqqny51G_5jDLnrHflZ3B2yg2piVaezAaJluF4iTdlvBxhCb7RX1bOsufCKp3Hz6mSdcaL-VYhfBSRzbv0gd7oNXQv68lkLsu5yZJB2fi63ySmRUFEqAMF4aa4fH2rSkHomXRiK8EGyBNmMLkMLkmAd0i3cRrYzHdS9ZBX-EEXTDIfNIbkhgFWHYD80R_TRWVFxgMkK8FFX1chpkoF-JekDx_Q6y5-XKTQrKCzPJ_TwvNQoL43QPfFBrZY9R4s-br2ywGE-6BT_AxNUVnH61jjUp-fO2LmQr4YyOOL4pV_oWOwj4Bdo4aHIGB_IpjQ_n7lKFkmb3SIa4a4gKcfKBHhxTv0b0WLg6gUq6R6SPlOrOSwJq0ujoWHapk9L2ZeJDKPQvNlZGpifObP0GI0u0gHM25unCFwtUPAkRM40kHe2IVwh8SsJjVrmjFM35csgWh0ysnCWfyq0M0qmwqBDHcwIIDerW5uSpA&sai=AMfl-YRI5J6Nr9w-eBPwv0tpCyvw-15VT-wUbPAMDEVL57capMTCFl6e7ilradNKfVbT9UQ7VNdU3rIDsn3OYJBNbTMa1qnAfZ7LqZpdvxOufw3pBhaBtmOm2u7BzkQVOm-jGhGtahrnvrfiBkzQMrMrcL6rAWuNfPkhVKHa6sam62v8fme_ZoctbZ6LyaXXrUis0jCIuwWGfZ7bEcvTjXZBjLCwu-q1kgr5VOL5k_rqPaRxsG3g1sqf4__4py_CpUNz-qepVws-IyyAulkV8sStMLbVsY8rrs1cGx1f&sig=Cg0ArKJSzAS8bzif7SduEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=522&vt=11&dtpt=520&dett=2&cstd=0&cisv=r20230627.67808&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 15:12:03 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E00B 0
0 60ms
59ms Fetch
image/gif 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZ4K5G-DuHaoZJUq7Z2ypOLP7HKxvfHIej0id48HtdbfeCqcXkeOYGGdnE2W2rZemx79g34131_pNCw5ao7Ga0p9tv2unqhWHDncibH34R3uyqfUZAMRDVKz3TIdmGlVf4oenRlTcWw2WuzCt_bcNKAM1knH4TRt1mu-SrgL8apxS3zvxfJSn8gJBkc5D8AO_1hpQL_bTMkFBuKK_OZj9O-3redUqGMWnsBbtMR83lEBIEWmBZP0o6el94DzWvhhUfmQVQhrJjUyBIiu3-kK5x7NFYaQO534LlAuslYzlMKaviWLaxy0ZJD4kcP470xlYitcdxekyGClLkwWMizYXrWqwZf7kWhiyPd0HtvANEy_lJhLL18rp3PvWjwM1Iu7Jmz7OfyQDCDxLIg2MYUzk82sYhWWu8HR8K3JuSMuhFUMwe-KertqJ8NWNo4ibdkgsCIxJjx44frSIcNsLTeriYe9ZqFbKQ0i1Azl0zle3pzYWt9AmGQQ32FeEDfvqHsjX4BNtblX-nVlQBu_zPYtBV3MeNRRLQeuSTc8UEDEP-nv-v_7fvdMmmLuIM1xA_tasnYpspx34HsIv1d6j34-QPtetjCa50OzWk4judjTWtP6PYNmmFOdVYFRNV4xaveph08EW-hiKWs3m6kDJpvDTE_sL5iKCMwTD81ScHO-wxZ4C7jhMNWW_hrcaTjS7V9R6sK5YB9G9HXewH7DErbh_jUcGS0hhqaZOCb-kBZIDTpZbJbjLdl8J1ow_rcZA6kZzCWov4zIZBAeMmb2tsEfsz25g3RiOLjgnsLVXCFToaF_nepK6Kzt3bXlWberhp-AhlhyM_XfMKh4u4YDexFAe166q-4x-1slm1eLaWew9EPM14qr7h083u2JUno-7DTDKspgIpzOOAYE1KCmi35b0kFMhcb9chhiETEU9OSEFjBA5qwzbI1Ofb7rWV2ueJEALyd_6LX3sxNQFGIn5RoFwkKSRks042HymEK4xjvVmjw9YaRf1BXseUNHx3zu2Ly0u9HYqnF-jzTU6EuWDX3V3AqLNAYDCvvLatqjPz9uZviU07tCpaW1siSMLJIINn_o_T1GZkqC1ziu5XHVlu5CJI9avG4pG5kVDiYGSlMWSTqHlAZjdsxjJJCYwZO9Cx25HRVyzxjV7G3tlWNBkohewpMD4xn5hAtk-Nxx-3zkbOsaY8FSkcm_U6iJvUXQBn3092G02_-kOBnDn4wf4gGu3Rqiws4xzcA5uVu4J_qazsFApjWee5SXvEusE83dibAR84RA&sai=AMfl-YRcnXKB5L5D8qYR9w6FGP4adl0X2le3P3FRauBXlRFor4GzzWC9LbfWciW0wNuKBdGQd9a-wIR2glEiTdJwmu47g0t6FYpmf9-dk6f1jE55WKfCvnypMxJuHPcdpy4KGatCo5fQWrM08euDWP1KQPPFtQKYfzKEp92AbJWLn1rY3rKyUYHTmvjPoyxadD08ea-p8giYnFducrmSFRcBYbGnOWbWl0y3a24w4mYEeRuCNGs9ob5yExIJYSbdn34F6U8s0Cm6f_ma1GZDHly6xEpuk4YuxQtizajb&sig=Cg0ArKJSzEa6iV22tVR-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=520&vt=11&dtpt=517&dett=2&cstd=0&cisv=r20230627.83808&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 15:12:03 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 17D2
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8780596409763565358

43 B
632 B

41ms
29ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8780596409763565358
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fcrescent-star.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

Date: Fri, 30 Jun 2023 15:12:03 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.249.40; 96.9.249.40; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d9bb5b03-d826-4c93-88e0-99c521a14a2d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8780596409763565358
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ZJ7wv7M16opIMKMsIAK4KAAADvQAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 17D2 43 B
601 B 39ms
38ms Image
image/gif 2600:1f18:4e9:5a02:71d0:2e3a:4d87:7371
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZJ7wv7M16opIMKMsIAK4KAAADvQAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fcrescent-star.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a02:71d0:2e3a:4d87:7371 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:03 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 17D2
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZJ7wwwAVnUBCTwBS
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZJ7wwwAVnUBCTwBS&_test=ZJ7wwwAVnUBCTwBS

43 B
632 B

28ms
26ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZJ7wwwAVnUBCTwBS&_test=ZJ7wwwAVnUBCTwBS
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fcrescent-star.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

x-served-by: cache-yyz4531-YYZ
pragma: no-cache
date: Fri, 30 Jun 2023 15:12:03 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1688137924.836560,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZJ7wwwAVnUBCTwBS&_test=ZJ7wwwAVnUBCTwBS
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 17D2
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAB0x07JPeIAACR4l1I58A&expiration=1689347523

43 B
632 B

28ms
28ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAB0x07JPeIAACR4l1I58A&expiration=1689347523
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fcrescent-star.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAB0x07JPeIAACR4l1I58A&expiration=1689347523
Date: Fri, 30 Jun 2023 15:12:03 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 204 CookieIndex
rtb.adentifi.com/ Frame 17D2 0
34 B 42ms
40ms Image
text/plain 3.214.222.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fcrescent-star.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.222.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-222-87.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:03 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 17D2
Redirect Chain

https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662096371883186

43 B
632 B

31ms
29ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662096371883186
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fcrescent-star.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:03 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 1
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662096371883186
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7df75867997ed15f-BUF
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 17D2
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=I321QrfV1QffMY5

43 B
632 B

41ms
29ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=I321QrfV1QffMY5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fcrescent-star.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:03 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-0581796abe647e070@us-east-1d@dxedge-app-us-east-1-prod-asg
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=I321QrfV1QffMY5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 17D2
Redirect Chain

https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=76962ef6-1758-11ee-af13-5f9bbfc5070b

43 B
632 B

28ms
26ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=76962ef6-1758-11ee-af13-5f9bbfc5070b
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fcrescent-star.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:03 GMT
server: Cowboy
content-type: image/gif
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=76962ef6-1758-11ee-af13-5f9bbfc5070b
access-control-allow-origin: *
p3p: CP="NOI OTC OTP OUR NOR"
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx: lga-delivery-10
content-length: 0
expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 17D2 43 B
353 B 93ms
37ms Image
image/gif 104.18.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZJ7wv7M16opIMKMsIAK4KAAA%263828
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fcrescent-star.jugem.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:03 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 66375
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7df75867ec5e36a0-YYZ
content-length: 43
expires: Sat, 01 Jul 2023 15:12:03 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D3E8 22 KB
8 KB 33ms
31ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 369653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 08:31:10 GMT
expires: Tue, 25 Jun 2024 08:31:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F105
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1688137923870
https://ad.turn.com/r/cs?pid=45&rndcb=3242509303
https://sync.1rx.io/usersync/turn/3039655696692765300?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-b6f24ba6-27de-43b3-9293-bb8625f3db48-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b6f24ba6-27de-43b3-9293-bb8625f3db48-005

42 B
459 B

27ms
26ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b6f24ba6-27de-43b3-9293-bb8625f3db48-005
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 15:12:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Type: text/html
Date: Fri, 30 Jun 2023 15:12:04 GMT
ETag: RXb6f24ba627de43b39293bb8625f3db48005
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b6f24ba6-27de-43b3-9293-bb8625f3db48-005
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server: Tengine
Transfer-Encoding: chunked

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3A02
Redirect Chain

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&gdpr=0&gdpr_consent=

42 B
402 B

26ms
26ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 15:12:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 30 Jun 2023 15:12:03 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 5AF6 43 B
369 B 106ms
52ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Fri, 30 Jun 2023 15:12:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 570A
Redirect Chain

https://gocm.c.appier.net/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=lAEJRVoTA4yK6bW9xPCeZA

42 B
280 B

31ms
30ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=lAEJRVoTA4yK6bW9xPCeZA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 12:55:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control: no-store
content-length: 153
content-type: text/html; charset=utf-8
date: Fri, 30 Jun 2023 15:12:04 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=lAEJRVoTA4yK6bW9xPCeZA
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: nginx

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame BB65
Redirect Chain

https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=d2cc978e-e4b4-4edd-80d9-ad2c4a908504

1 B
72 B

31ms
31ms

Document
text/html

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=d2cc978e-e4b4-4edd-80d9-ad2c4a908504
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Fri, 30 Jun 2023 12:56:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Fri, 30 Jun 2023 15:12:03 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=d2cc978e-e4b4-4edd-80d9-ad2c4a908504
strict-transport-security: max-age=15724800; includeSubDomains

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame BE6C 0
0 351ms
112ms Document
text/plain 23.88.86.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.2.86.88.23.clients.your-server.de

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Date: Fri, 30 Jun 2023 15:12:04 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 736F 43 B
277 B 674ms
133ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Fri, 30 Jun 2023 15:12:04 GMT
Vary: Accept-Encoding
X-adserver-worker: avatar-e969e5f64c46@version_1.559
X-core-time: 0ms
X-server-arch: v2

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3EA2
Redirect Chain

https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7414243241464908987&uid=Q741424324146490...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7414243241464908987

42 B
113 B

25ms
25ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7414243241464908987
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 15:12:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: max-age=28572
Connection: keep-alive
Content-Length: 154
Content-Type: text/html
Date: Fri, 30 Jun 2023 15:12:04 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7414243241464908987
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: Apache/2.4.6 (CentOS)
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.33

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8151
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AD8E4C81138A47AD9B352AC9EEBA7388&gdpr=0&gdpr_consent=

1 B
53 B

34ms
32ms

Document
text/html

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AD8E4C81138A47AD9B352AC9EEBA7388&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Fri, 30 Jun 2023 15:12:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Fri, 30 Jun 2023 15:12:03 GMT
expires: Thu, 29 Jun 2023 15:12:03 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AD8E4C81138A47AD9B352AC9EEBA7388&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H3 200 sd
us-u.openx.net/w/1.0/ Frame C7AF 43 B
61 B 33ms
32ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=540245193&val=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:03 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK Martin
crb.kargo.com/api/v1/dsync/ Frame C7AF 43 B
504 B 199ms
41ms Image
image/gif 44.206.150.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/Martin?exid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.150.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-150-230.compute-1.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:03 GMT
X-Accel-Expires: 0
Vary: Origin
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 204 sync
sync.bfmio.com/ Frame C7AF 0
425 B 190ms
39ms Image
text/plain 35.153.221.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=187&uid=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.153.221.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-153-221-178.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 30 Jun 2023 15:12:03 GMT

GET
H/1.1 200 syncMe
synchroscript.deliveryengine.adswizz.com/ Frame C7AF 0
397 B 451ms
109ms Image
text/plain 99.81.147.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=C3A7FB0F-E114-40C9-87C8-FA6B843976E2&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.147.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-147-155.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:12:03 GMT
X-Clacks-Overhead: GNU Terry Pratchett
X-Adswizz-request-id: 78888d80-1758-11ee-a68e-0268cee318e7
Connection: keep-alive
Content-Length: 0
X-Application-Context: application:production
Instance-id: i-0f5d98e0db8026c9a

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C7AF
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8780596409763565358

42 B
100 B

26ms
24ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8780596409763565358
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 30 Jun 2023 15:12:03 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 30 Jun 2023 15:12:04 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.249.40; 96.9.249.40; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3549e0f5-6d06-44e4-9ff2-fef243d4ae50
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8780596409763565358
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 87F9 22 KB
8 KB 34ms
31ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 369653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 08:31:10 GMT
expires: Tue, 25 Jun 2024 08:31:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 39CD 22 KB
8 KB 33ms
31ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 369653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 08:31:10 GMT
expires: Tue, 25 Jun 2024 08:31:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200 747.json Show response
id5-sync.com/g/v2/ 600 B
1 KB 358ms
118ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/747.json

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/mediano/jugem.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

6cd07b3e8219895dd6d36f9d9dd7fe674dd584ec2a98bbca84e5e51358b66d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://crescent-star.jugem.jp/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Jun 2023 15:12:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://crescent-star.jugem.jp
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3783 22 KB
8 KB 31ms
29ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 369653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 08:31:10 GMT
expires: Tue, 25 Jun 2024 08:31:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4AA2 22 KB
8 KB 33ms
30ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 369653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 08:31:10 GMT
expires: Tue, 25 Jun 2024 08:31:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FC81 22 KB
8 KB 33ms
31ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 369653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 08:31:10 GMT
expires: Tue, 25 Jun 2024 08:31:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame D3E8 37 KB
14 KB 32ms
31ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:59:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 249164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 17:59:20 GMT

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 87F9 37 KB
14 KB 31ms
30ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:59:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 249164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 17:59:20 GMT

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 39CD 37 KB
14 KB 36ms
34ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:59:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 249164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 17:59:20 GMT

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 3783 37 KB
14 KB 39ms
37ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:59:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 249164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 17:59:20 GMT

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 4AA2 37 KB
14 KB 44ms
40ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:59:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 249164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 17:59:20 GMT

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame FC81 37 KB
14 KB 31ms
29ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:59:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 249164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 17:59:20 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CF64 0
855 B 33ms
32ms Script
text/html 68.67.179.113
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.113 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:12:04 GMT
AN-X-Request-Uuid: 90f3ea60-f872-4855-9b63-a42c2789cc99
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 96.9.249.40; 96.9.249.40; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FFE2 42 B
64 B 173ms
105ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCSTvCAy_89cLFOn4Q09EbFoWTKbqJQO10-_7BUaGvWj8TIM2371aMUTn-9W7JjdS8Z6ahDPcUECPLp349HKS0VFe3MoESxSh80BNcHnGGAwDIuNJLGp6ydLNWVIvKjZaPOo3a22IXVg&sai=AMfl-YRDgfQDHqbOBdQ7whn1Pvcm0QZsbdSfWqQkoTLRwhhHLLyor_YBxplzYdhLU9LP3kwVWdM-F1ORq-SSp1PRdYdgp8usfxirm9qTQfBezuv7wyQccmEhMi3wVWdaZxKkedVD3kl8jpoOoR4ngQ&sig=Cg0ArKJSzLLXm6_owhnsEAE&cid=CAQSTABygQiD-f6B86V-berF-lygsRP9mMcV6coNiSuzI0ADf3Aq6AS9Gm04pkNbjaH1Zk-t7F_fJ-CLbAlxO-dKFxvhePHn01QnI3PiD1oYAQ&id=lidar2&mcvt=1051&p=426,425,676,725&mtos=1051,1051,1051,1051,1051&tos=1051,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1636172113&rs=4&la=0&cr=0&vs=4&r=v&rst=1688137920554&rpt=3104&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3AE3 42 B
64 B 166ms
106ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFJq4BI-qeYpVOxbU5rtPFtfnEWB2wc_VEDqN2821qcFzGggvpFqpNbq0vK_9bOslgNhZ-RltRXuPCtUNTRqZpxwwwlv7IT1qclqKc5N3fOBA3MPD6ktNAJX7tpK3XBsgnsnfUcx-qxg&sai=AMfl-YTPqlbl-Yhz1XT6f0tedXNEfXxeS6Bon-Tqg45L46alIOS-bH5LDfPIkCmMcz4c7MYn9m_O_dVeNcwnL8xYA3yBCc5y1mu2lKZSj55RBLAmrWSrlfis3aBxkwBU3u2tdwTBGxSoGhwVDkJIkw&sig=Cg0ArKJSzJrO7w-IGoIbEAE&cid=CAQSTABygQiD-f6B86V-berF-lygsRP9mMcV6coNiSuzI0ADf3Aq6AS9Gm04pkNbjaH1Zk-t7F_fJ-CLbAlxO-dKFxvhePHn01QnI3PiD1oYAQ&id=lidar2&mcvt=1060&p=676,425,926,725&mtos=1060,1060,1060,1060,1060&tos=1060,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=913629305&rs=4&la=0&cr=0&vs=4&r=v&rst=1688137920580&rpt=3061&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D3E8 0
20 B 65ms
64ms Image
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bz8zTwvCeZNvXJ6CjoPwPveiBiAEAAAAAOAHgBAI&bg=!WVqlWg7NAAb90kgr3dI7ADkAdvg8WqT7_4ItwyyneszEhe6QV8r5qxjQwDnI6I9flB-8QXsqQnkO_WY_W8sZ8itmAuqc_pY1NukCAAADHFIAAAAEaAEHmQLs0qQ_lA4E0_g7DQTORObxFiTHXywhRpbZIrivLcEWIeZyWmC1k-BB1f5dgvYR25SMyHnmBssh2Vu_8bWYIcve7zrW3oCdqRO-N2BNYH-17ZrRqvOv6hVjJknP1pjnCaj0MMYAubFP-znpft3GKN6Rs7X2tcOYx3OSC1FuL8V-taSXaMvzbnlZw51E8YvqOMo_amBmf7UoyHXGCGHIVptIAc7RPYlKKcoLBIu0Kn6wOTypboADC5WmDTf1r8FOCBzzbcF2pPb4BKKMjMoTBlgCT7HcSE4t2a4nEmqCEi4B0SzRXMpieAkIdGrEQLpHLd9fJz_wOIvexLoJHrxORyfWAN9BZd9NsPp6zs-Lz8caIwq-_pETBxTO43v3VIFJfijL0IkggdRomLLVCOW3tkiUiKBNHfXrgPeZ8fmXbausu66prOSpNO0s_xfhmuq06GSUUjcHtmd6cU8-gPhVYLmnPu5hPAzS9MIxLv4Qju1U5kYq-6yCy1uBBDoRJ6Gwxka1i8475o-sIy-gg8TCnXTNBvPcRM584SQ4dpfG2PZvT9IhuBRUsD0lv8shRGY7pLJ1paQhWyP1UPr-fiC3bJcosUf4w4OhpXzrO-vjx7p8KhnS3KvHLGfzkBkqJLasV_FA9malcFNJBaF_lGOA3eJqgs3uYZ1d69DsgYo9EHc2qSLnkanJ149lCM2jtZf0wK1Ybs-C84wvgjWeeXFNSTWxfIGCHkATVZGLdnF9E8amLYxRDCIu6kPT2hIUif_HXg_0W3HtiukRIuTxByirFKITcgQksNZHXx-WKTG5yuoE6LAmAn9cwq3Wmlb9ySKlbORXCZoywtVCWLaKuy-RJ5zNonPPo744vpjf-FxfB2qFhCN2yuTEsn17DdzxXrpjbZjp-8IeiRJ6wkpDNxxvoC4x2PDuxO4E2vveQzPAWNZDTqGdAsG0wtNEWjNwJrAhSoJxo2p7eUsSFxBtNqxSI-C0pUk0mA3H8WU4Y3r28g

Requested by

Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5502 0
20 B 59ms
59ms Ping
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9495308035499&version=m202301230201&ct=76&x=1&cor=1405930076806379500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3783 0
20 B 74ms
72ms Image
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKYsswvCeZIe7MJ2VoPMPsrqSoAgAAAAAOAHgBAI&bg=!n5ylnMjNAAb90kgr3dI7ADkAdvg8WmCZ26yNvJ5BkpWIR5P3A5yDwtwiQXkkxZpkPtC9pmj7IGAmAD0iFma_psy1IvD5nzlJ8DYCAAADD1IAAAAEaAEHmQLqwnojgySNJPWtMUMJS6iNL0p2UoW9SIMGTL8BFEiQWwaZR-cUhnYpzGsfGQOW0SHELKZ9K-vyrIyVHToFWXzPCRyizKZLc_w3OoKjwGuf73QTZk1c_-C8vGfOXDiypBtKdNBQr-G0De1UHDK2wGRiGYLJ5zhb-cIo71G3qU0AYF6T3RCUWYaK7OW747gRRTapsKmHdN2iarcWCDOP_NohIiGbpBG7xIzsz2q63BD6qQbfWDDFOY8rYE9FjuZplwUfN_CtM7b6CpEEN2MHSk8kcmtFZGhWj10mtFX71JRoBzSpcx5UwmfiZMJTRYSVuFRGDF_1jtu2AgdQwUUElxWwyJ_3GRWxRTRZ-vClhbnIGAItItq4Uk23t9lZWM-IZgFs77WqshIQ2oFC3NHr3QuMTaEDL7-bLx5zdCymA18LXxQun8KTUqjyAdQm7xKEmdmW8KrVclGbID27DgB9r9EtjZf3-WyA8_1hJEJJsSwG-JlBi1-6HAQPxBm2Ir7X2vosuyVhRsls5uTg1_CmV6EnquHniB0ow1_nJ9zT1IM_QfXq8p2gGNr0XVKlpXGvP2qZS7IU1VEVJK-j6EyU1Qtuwnv0Jl-Z8hr-eK8YsXZVNiPiY0UuihxGD65M5uTCQ6tymahQivHdybmrq9eDQqF5fiOgBMMC6MNirpxmgCGkufFt9df6lvCtvWFXhaigiXsORlXf5p44hG5h-p8IIgFNPdePZgVpF_U0EMcDjT-fqgAbRQPT9zFpqsRoR-7TBYKXm5CKxIuRv0xHMkCnI1wc5ALjGRx_55-zwBHEAom9ejquhZet8BmddiHO-SP0pX06yjQ4aW5N9UQ3kV7JcFgiSnXhboWzzPeXFPzJe00BW9FaA1zxeqBBdjAlbEXchSBScGaqQI8INZqE8JPOfZVFsEFnXlAcfZCPe3wnjIecFetYjhvm1VH7WfgduyrLbYTAwSyhY2nfpNmJ7oiZxm6qCpdqyeq15Yl1d5w

Requested by

Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BBC 0
20 B 61ms
59ms Ping
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2787939463416&version=m202301230201&ct=76&x=1&cor=7814494757126585000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AE3 0
20 B 58ms
58ms Ping
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6532969116824&version=m202301230201&ct=76&x=1&cor=15188030865402540000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AA2 0
20 B 65ms
64ms Image
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTDpewvCeZNbaMM-5zwWqr5WQCgAAAAA4AeAEAg&bg=!LC-lL3vNAAb90kgr3dI7ADkAdvg8Wn_hqw5Xxivjs2z8MAhtfPDeLmBxeyuH8cBSLuonhijYq5qORMMnfAyK2QEsMnnnDUMfGToCAAAC_lIAAAAFaAEHmQMJTiFQPY1emLChyD8zKLCQM50irUTN9PyG144iinLJcloVTEKfrYfOIuK-ggiv73TFrGa9-wtqqb3aet10jh85Mry0SJ4tc-U_x3NcJE2AGTl-abrusJf2yT19eTWMDWpxrV7TthOO8UPjJ9xdd8KK8fxImyUTUDTWDBQwWMXNNss8dIP0yc5hXQJhWf-4YJZEB5EKsi2p2Qo5dXZLXVOnhJhpPjG7Z7StuAvvG5pFk5VLrhzDLoVZ9NdAyD2d-Tia7pUhL3w1U4fpY9sbdvWbszBsvLbhAnYJrhpOnJLnXuB_nhpozdnC27QsnNIool0LvJC3CfgnKuDZheWe5mUZST3vo1L45MC1klpwoqs93-aLckoaNNxKZNPD5xsabbE7Fg2yKmX8ChjuI-UBYduwWNs13p1OLOjd3mFmWw7PCSljxc-MkVtCwOZj9XiZY5aSDusZAeWeqwi387nfTwhJ1sly4fCVaoAAfO6Md6MVDy7aezl9zg9e76HEjZbnuXDEYqtnG9XIS-ntOwh1baDey8vh0O81oQFcxqeYezaMbfLrRXOrYKf1gTMLy5mE3yKEzGkI8kpZRQT-v_4a-7r4ijzGfLDSQu072r8WD4bBez6g0cQeapcYptJN_5BDbZDsmEloKdUFquYzCZzrWinGhYEYVSF0xL1FmRHsDY5HiA2sK1H248FjfJ7ncDs2wb9hb5Fsi8Zv2TMzZhxwHT-GigJbcwILQwfw3ay28mg_NqujP9a4_S5FqMewXjTdISa5jowTj_ba5EzyGd3sWfdOJEu2zVLVtNNS4I5uJCgqrf48Lx8CjC61n-CPiL3UJAwfq4kOstQXqc4zs--r9x5TVNf0pWMhslEsDDwwwDNOEG0BXeyGq-YuEXhjowpCgjDGo691CN6WuntnPCcug5dxjEnQDaasmy67LSUOsNPuWZVzsDyawsIk54Kyr3gM6bkBjwARIYPzlRyZoetlByTo-aUtI1PhCtNOEEcQXdlTKm9gNuJiiA4kC01pIWP5l689AMd89yTDwunW

Requested by

Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFE2 0
20 B 51ms
50ms Ping
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=469286437283&version=m202301230201&ct=76&x=1&cor=3162322353430363000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F099 0
20 B 60ms
59ms Ping
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4652324955546&version=m202301230201&ct=76&x=1&cor=13870621896178086000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E00B 0
20 B 60ms
59ms Ping
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8011252859361&version=m202301230201&ct=76&x=1&cor=5559511400978608000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC81 0
20 B 63ms
62ms Image
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8lDgwvCeZLr7MNyqoPwPmZulyAMAAAAAOAHgBAI&bg=!xsWlxZHNAAb90kgr3dI7ADkAdvg8Wp-WjnrahtT92Lmyb4pVMiMFYXa2ukpE_H4628-bJE5urbePAPTsNeLjOjLSEw0DFsCjWlICAAADK1IAAAAEaAEHCgCDNQUED_ZoFcGqchTxaScldMeVtrEjjQFmxHtdopyx7ri8NOwaD_sGIYh3zhSpwozhDsfiERmFUjYH8_6NJNtH6ViJtPi__od7FSVwU3UhRi6w0tAbhQJWoS0l6nVl6a5kQ0llBvty_C6KThYQ3WlI89zxhJbpKwQm7Asq738SennNxqaZAwGRdYmyqh5fV_Kr79zbBe3jZP-elywrvNorfU2Ha5k1FgNzn1L7IYnLD0xB6y6ywqTDwoNOm4K_NdR8J2KpsroE-yJUtxrxb4e59lB5vtJQKRYpBZwmCpNIUMJ6wmxqR5PhrqRjPZviRxHrFUlZ_14rrJoxr6OLpHEMWiQ-p-XwGxgjSX5lHQsAc8xZoykASefy1ZzF4rqWJRtYtFYAWreD91R3vSQ2sEVAmQiimFod_uGl-9oW-hVBM7JQczckhHOT2sQgDN2wAGGmwoY968QXFBszO5nTQ-lLZBVX5fBfxIRcempBEqwSHJ01uqLQXWkG4oseHEWiW9Sw3Y__hwklOL5sqFP_6J9eqRMZZ9DWrl6HRSmmC1AhQLNvyOaEUJzQhCbJHIvxa1riUNLxVGJAAG7fcylE7zvtACuAZrREos6Kdz5XEByQSEqM_0CyOlvllHOOAnNRBPRLHAFZDnnydY7sRrf2f3jzb33yxNKR4rjuc3RgCNMRF7kjHOhs96QOEn1RJ7aH0CPs1loiySjqZ4Ui4SC7hafICh2hu6ho9VoPoMO0V0Df8L7wZKyhvzEx3uPtdydkiQoiXgboVLW66rYuoup8wByMCCEt7_nGBeb5heNOY0yf2yMvqiEbSUqswQAG5THNo5JNcF6y-dHAK7WHkiq5S3uLl--kQbWjlTTmQ8xziorCbU4jb-wItBPNPp5J5W7s2JW0CY1NNuRrx8VEvprwS2RXxvcOiUdPTYTwN7Fum0FgeuQG5le8MtrMvf0VhRYmwuxO6KiDRA2KkTBBbgucywLGaGcna_s-tAe_9JliD46pXVhCpLtylyzkrlnMwl2K5EuZHK2P4k-gZxGFQJlufghrX98cv9r-2ASZu3S8mzLofLbCdC82rN_i5fFJzsEQXubrNm6-onuQK0oUfkahvX0Aq9lYAO6C3J7E5HUI2gE1ijhHT4TknnQ3xaRQinyIs4bGT78qMyTiJq29NMhiwjsdYi7P4lxxCVvkTPEFZFQqIbThwS36NqtN

Requested by

Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 87F9 0
20 B 55ms
54ms Image
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLMeWwvCeZO6hK4SaoPMP1ISPuA4AAAAAOAHgBAI&bg=!vr2lvenNAAb90kgr3dI7ADkAdvg8WkZ9IXprYGZ-cRB50biJkVA9O5ZuL9nxzbrL5ft6o93w6pKbbMgSKxtUuCYHVrUrYa2A-RwCAAADm1IAAAAFaAEHCgAV-Uz5ShdRlcBl2MuvzZoc0lKFy2jsmQLuTCVt8pl-BHokAh-ar28PcAnNZdNQpEe4rOu2mkUE3jCzwxRwIvsxerNzQLmURGnYWEjmXPZda_71W53m3DwOPduvQq-hAsozQczG5US2-l_KcQmvQTmEWuyDzMEX15HxqoW9KhkbZOtZLgqUprXaeDG-XY978-ZM9vOBChBC1GJQAfCQVlnUjkpYWUeIHYZGuBd2ModYUSpKH1grVzxn_ZWB3Z4SPqNHt_DDBR8L1WsiCZdDed9hvpuXpQg-DStySSujLM_DEvVUkKRBKahXD59HqpQoDC2RtzBMwrWBlrPOqOlgy3Y8kCtSmWe6VnxoeLaH0_bU8GQ5gd-l--UMh30g4iBx1W5V05TwVNUt3S5Y3pT1j17YGKnWCCcqBx3w_QwO5fsZYRoMToLrAa5g7e7vD3ukx5DeIYn-qMLT5Bl6MfH8eZGwiLpc_ZiJqgjNH43SZamy-Uf5_uEeEzNGKtwhVzG9rVHt9yQPPcXgJ4K1ll_gecocRxmb0v95KTEMppOS3IKkeJLcQpOXX52wbz1gN-qV0_zW7ObdKGAEaqrP9JY96yntq826N0FfNvQc1t4dOc0lDaPs0Sd4Md6Q7shSv87QoqhSA-g35oOpMKX8dH3v54MeToePpS2Egg7jymxkK03xfPbgCmFfaMWO4adm7B50yg1Q49GsLcF9rvveU9a4iQZhmJqYwyMOTiPN9OV_ConguVMi5lscmUCug4gOhSYDJD7b-iK4XFsc6SEfdFdT8t4j3q0j2b8wCQTbAgQY4kCaHUgNNeBBZ3tvZqZNwng_RyLT00LB56PRp7fo7KOGOU32Y0dPAwgdhSK6XSTZguUzyZbZHFg8sF1UrDsPx3LplziXBTQTHBCjr3qeRRcIwrPGO946yhaJJu_zPwVGLpoahNLwArREY3nfBBJTHttzidGtPe8Dj788ouS1TqD1HenpfMlZsIzLc7fM5-eFxDwEwhs1Ru3iVPadPP82JV7JApt_fmZv-7q3

Requested by

Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 39CD 0
20 B 62ms
62ms Image
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZdu3wvCeZMjVLI2vzwXrg7joCAAAAAA4AeAEAg&bg=!xMelx5PNAAb90kgr3dI7ADkAdvg8Wgmih9aJUInY9fQprmy7u8SHZRywwl8_LqGzOKOSVbxzSv6Q5kKBVxhwtnDzKpruPGDzv5UCAAADpFIAAAAGaAEHmQL57tG1nzg7Bb_f7g80dI1greUywPvRiDGm32lagqYk0wuMhmPd0hKREEj9TFWH8xbN9Pro_eP3-NWXHp5knfrkQu9sX8-j_GhONSUaL72WOOpx425rWEK6S4kYRkE8BlLpj7fEKsTsNjztGTbLJJzQej9YKJcharlpZvK98xK3_wet6JipjwlYlxHrgthec1SAfdDpSnh8yJ037YSS3KhMKAYyytyQwO2Py1GYtjWieK3RQ4fm5q_lpvAPwImXJ1gzRbPJWFJRvlRAZG_fkG11UeaT-809big80kwMOjbD7oOfU-NEFU9ftur83PMym_39zCGwcwyZOzxJo8m1graXEDvIltUeX7whzdSSTTKP3yr4WngIrTmqeP45acnXaA0mCEno29b9ojJu9Gxpn3VmXRSImpqptSUX_T3OvjO6LPbUzdRf98cp5FnVI6b5HiaQI8TGt8d36liOS89E3a_w3MqB9xK51PkvcUHHTcJjrvbjyN0rTx36cW7lGzgj0i1P_YtRXhLBVsOfoqhvg4Uy2Vtp3hWugbL4gwz-8BKyRQ21pggAKsRdBwn3ZwIZJz7GSAxuIsv-R_jKgyFBBMsVbPSrh4Dn6oQFTt50YLsxmtgBuLVR6Ta4e7UaJaM2aYk19Ti-G8V167amG-VWPzWpTlU0FUsanx_KBTtBQfW59rg6G3V8Vq7vrq_cyYJMZGVjichQleatgSB9POv8Ck8r6y-VsdvWl3ZFcb62s2wQMA30XHc0Hnrs_qeiYolIQw8Lr44UNqRS_9TAsWabEH1fsJJ-WSUpKXIq6Zk8Rh286OE1F0xpoqCYwZuBJ03FhzQdYn8JLu6fM_PXo_oTIOjx6H6_yhfgp9Rt5PvpDQ1bGx9-cNiB150dmqxElyzRaP2AKg1KeyQ5TC_-xLouI5iX7M53peWxXBMzZH7s36hh5PDLAjwImoT61YQqsPWdG_SSIGXG8_fR0dManfELJ-6_6LAl8WWwILq92zr2cxQFnS8SXMbX8LJxAPM

Requested by

Host: crescent-star.jugem.jp
URL: http://crescent-star.jugem.jp/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:12:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame C7AF 0
128 B 25ms
24ms Script
text/plain 162.248.18.34
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158977&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:12:05 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET share_button.php
www.facebook.com/v2.5/plugins/ Frame CDA2 0
0

GET share_button.php
www.facebook.com/v2.5/plugins/ Frame 3D01 0
0

GET share_button.php
www.facebook.com/v2.5/plugins/ Frame B6CC 0
0

GET share_button.php
www.facebook.com/v2.5/plugins/ Frame EA69 0
0

GET share_button.php
www.facebook.com/v2.5/plugins/ Frame 13E1 0
0

GET share_button.php
www.facebook.com/v2.5/plugins/ Frame A28B 0
0

GET share_button.php
www.facebook.com/v2.5/plugins/ Frame 2C53 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: img.missvonsmith.sleepingawake.org
URL: http://img.missvonsmith.sleepingawake.org/20110708_2024250.png

Domain: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}

Domain: pmp.mxptint.net
URL: https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=

Domain: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3da41d22e2d094%26domain%3Dcrescent-star.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcrescent-star.jugem.jp%252Ff771a11b6c5394%26relation%3Dparent.parent&container_width=390&href=http%3A%2F%2Fcrescent-star.jugem.jp%2F%3Feid%3D940&layout=button_count&locale=ja_JP&sdk=joey&width=110

Domain: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df162887a601b22%26domain%3Dcrescent-star.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcrescent-star.jugem.jp%252Ff771a11b6c5394%26relation%3Dparent.parent&container_width=450&href=http%3A%2F%2Fcrescent-star.jugem.jp%2F%3Feid%3D940&layout=button_count&locale=ja_JP&sdk=joey&width=110

Domain: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df85db4c386a90c%26domain%3Dcrescent-star.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcrescent-star.jugem.jp%252Ff771a11b6c5394%26relation%3Dparent.parent&container_width=390&href=http%3A%2F%2Fcrescent-star.jugem.jp%2F%3Feid%3D939&layout=button_count&locale=ja_JP&sdk=joey&width=110

Domain: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ad9e948359758%26domain%3Dcrescent-star.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcrescent-star.jugem.jp%252Ff771a11b6c5394%26relation%3Dparent.parent&container_width=450&href=http%3A%2F%2Fcrescent-star.jugem.jp%2F%3Feid%3D939&layout=button_count&locale=ja_JP&sdk=joey&width=110

Domain: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a2dc2f8f83924%26domain%3Dcrescent-star.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcrescent-star.jugem.jp%252Ff771a11b6c5394%26relation%3Dparent.parent&container_width=390&href=http%3A%2F%2Fcrescent-star.jugem.jp%2F%3Feid%3D938&layout=button_count&locale=ja_JP&sdk=joey&width=110

Domain: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df207fcc17f24044%26domain%3Dcrescent-star.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcrescent-star.jugem.jp%252Ff771a11b6c5394%26relation%3Dparent.parent&container_width=450&href=http%3A%2F%2Fcrescent-star.jugem.jp%2F%3Feid%3D938&layout=button_count&locale=ja_JP&sdk=joey&width=110

Domain: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=264046217008105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3510437dfe3904%26domain%3Dcrescent-star.jugem.jp%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcrescent-star.jugem.jp%252Ff771a11b6c5394%26relation%3Dparent.parent&container_width=390&href=http%3A%2F%2Fcrescent-star.jugem.jp%2F%3Feid%3D937&layout=button_count&locale=ja_JP&sdk=joey&width=110

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: JR East (Transportation)

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

166 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 15:05:13	Name: sync Value: CgoIoQEQ3_Lx5pAxCgoI4gEQ3_Lx5pAxCgoI5gEQ3_Lx5pAxCgoIhwIQ3_Lx5pAxCgkICRDf8vHmkDEKCQg6EN_y8eaQMQoJCAsQ3_Lx5pAxCgoIjAIQ3_Lx5pAxCgkIXxDf8vHmkDEKCQgfEN_y8eaQMQ==
crescent-star.jugem.jp/	1970-01-20 15:05:13	Name: _flux_dataharbor Value: 1
crescent-star.jugem.jp/	1970-01-20 13:38:49	Name: _pbjs_userid_consent_data Value: 3524755945110770
.jugem.jp/	1970-01-20 13:35:57	Name: sharedid Value: 78b372e7-0fef-425f-960e-cf7a799d731b
.crescent-star.jugem.jp/	1970-01-20 22:31:37	Name: _ga Value: GA1.3.1672754536.1688137918
.crescent-star.jugem.jp/	1970-01-20 12:57:04	Name: _gid Value: GA1.3.1443944505.1688137918
.crescent-star.jugem.jp/	1970-01-20 12:55:37	Name: _gat_jugemTracker Value: 1
crescent-star.jugem.jp/	1969-12-31 23:59:59	Name: __mguid_ Value: c35cca7d-4eec-46a4-b05d-83c7d7ed0c51
crescent-star.jugem.jp/	1969-12-31 23:59:59	Name: _ss_pp_id Value: c35cca7d-4eec-46a4-b05d-83c7d7ed0c51
.rubiconproject.com/	1970-01-20 21:41:13	Name: khaos Value: LJIPQAMP-Z-B9FL
.impact-ad.jp/	1970-01-20 22:31:37	Name: c Value: 1688137918
.impact-ad.jp/	1970-01-20 22:31:37	Name: tuuid Value: 5d1e0e06-8041-48b2-8a26-8619f151db12
.amazon-adsystem.com/	1970-01-20 17:22:01	Name: ad-id Value: A8BTAp0F0Ergqgbh2zAF94I
.amazon-adsystem.com/	1970-01-20 22:31:37	Name: ad-privacy Value: 0
y.one.impact-ad.jp/	1970-01-20 22:31:37	Name: nbdc2h Value: !217,1,457380719!247,1,457380719!288,1,457380719!105,1,457380719
y.one.impact-ad.jp/	1970-01-20 12:55:45	Name: nbdc Value: !217,1!247,1!288,1!105,1
.socdm.com/	1970-01-20 22:31:37	Name: SOC Value: ZJ7wvsCo5tAAAO2JaHUAAAAA
.smaato.net/	1970-01-20 13:25:52	Name: SCM Value: c3cd0795
.smaato.net/	1970-01-20 13:10:45	Name: SCMaps Value: c3cd0795
.zemanta.com/	1970-01-20 21:41:13	Name: zuid Value: fLhZKkf-F94P2UhaE5Pr
.casalemedia.com/	1970-01-20 21:41:13	Name: CMID Value: ZJ7wv7M16opIMKMsIAK4KAAA
.casalemedia.com/	1970-01-20 15:05:13	Name: CMPS Value: 3828
.casalemedia.com/	1970-01-20 15:05:13	Name: CMPRO Value: 3828
.smartadserver.com/	1970-01-20 22:25:52	Name: pid Value: 1448414310149459964
.openx.net/	1970-01-20 21:41:13	Name: i Value: f5a372f6-9252-0f1a-168c-a4ffdf518208\|1688137919
.openx.net/	1970-01-20 13:17:13	Name: pd Value: v2\|1688137919\|vMgavPkWgy
.adnxs.com/	1970-01-20 15:05:13	Name: uuid2 Value: 8780596409763565358
.pubmatic.com/	1970-01-20 21:41:13	Name: KADUSERCOOKIE Value: C3A7FB0F-E114-40C9-87C8-FA6B843976E2
.yahoo.com/	1970-01-20 21:41:35	Name: A3 Value: d=AQABBL_wnmQCENy4Q14LP2_gLjM-5cd-VdIFEgEBAQFCoGSoZAAAAAAA_eMAAA&S=AQAAAk5MOpFTa3IUwoyj1jmCr2E
.adsrvr.org/	1970-01-20 21:42:40	Name: TDID Value: 6b724462-72fa-46ba-9c10-3c9c030bc1d5
.bidswitch.net/	1970-01-20 21:41:13	Name: tuuid Value: 30c28880-f135-45df-9a1a-123ecbe9d4b2
.bidswitch.net/	1970-01-20 21:41:13	Name: c Value: 1688137919
.eqads.com/	1970-01-20 15:08:06	Name: EQUser Value: UID=dd9a7fe6-8919-4ab7-9198-f9439c5826df
beacon.lynx.cognitivlabs.com/	1970-01-20 21:42:40	Name: UID Value: b05f9972-88ff-4817-a911-8a70eb8251d2
.doubleclick.net/	1970-01-20 22:31:37	Name: IDE Value: AHWqTUlw3B15usYrZgkWXjd_p0IUxbUIKLMqvzLvuJFaTN9mFmBgDYHnk5Kn3b54L_A
.bidswitch.net/	1970-01-20 21:41:13	Name: tuuid_lu Value: 1688137920
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjS3MDY3Nzc2MrIwMzM1MDcxMxHiM9StCk0ODzc0jdB18g4FAD2gpKElAAAA
.rfihub.com/	1970-01-20 22:17:13	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmFhaGxuaWRgZGwAANqYp6IQAAAA
.rfihub.com/	1970-01-20 22:17:13	Name: rud Value: H4sIAAAAAAAA_-MSNjS3MDY3Nzc2MrIwMzM1MDcxMxHiM9StCk0ODzc0jdB18g4FAD2gpKElAAAA
.quantserve.com/	1970-01-20 15:05:13	Name: d Value: EMQBCwGtKfijAA
.quantserve.com/	1970-01-20 22:25:52	Name: mc Value: 649ef0c0-398ba-a68bb-791df
.deepintent.com/	1970-01-20 22:31:37	Name: CDIUSER Value: di_5e9464b93f0545c39a81e
.mathtag.com/	1970-01-20 22:21:33	Name: uuid Value: 6bb0649e-f0c0-4d00-bb72-31bc0765c9c4
.w55c.net/	1970-01-20 22:25:52	Name: wfivefivec Value: I321QrfV1QffMY5
.jugem.jp/	1970-01-20 22:17:13	Name: __gads Value: ID=83be02f21df1a7c6:T=1688137919:RT=1688137919:S=ALNI_MYWib3t4dBltWuBiq-PbSyZXyR5Hg
.jugem.jp/	1970-01-20 22:17:13	Name: __gpi Value: UID=00000c7cd0c1b732:T=1688137919:RT=1688137919:S=ALNI_MangS-qWhgGWepSEwHj5Sq3MSHMMQ
.openx.net/	1970-01-20 13:17:13	Name: univ_id Value: 537072971\|6b724462-72fa-46ba-9c10-3c9c030bc1d5\|1688137920409677
.acuityplatform.com/	1970-01-20 21:41:13	Name: auid Value: 795479323761
.acuityplatform.com/	1970-01-20 21:41:13	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBREMbRwWymGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAURDG0cFso90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.tapad.com/	1970-01-20 14:22:01	Name: TapAd_TS Value: 1688137920694
.tapad.com/	1970-01-20 14:22:01	Name: TapAd_DID Value: 40bb99ce-d487-4439-8cc0-4f633e1bfa69
.bidr.io/	1970-01-20 22:24:11	Name: bito Value: AAB0x07JPeIAACR4l1I58A
.bidr.io/	1970-01-20 22:24:11	Name: bitoIsSecure Value: ok
sync.srv.stackadapt.com/	1970-01-20 21:41:13	Name: sa-user-id Value: s%3A0-0a85bc50-c7c1-5123-545e-ff63a719c296.o8wo905Cjmk1PwEW5BA7o%2F8xPDEJ%2F8jKGOyzwXR8Gi0
sync.srv.stackadapt.com/	1970-01-20 21:41:13	Name: sa-user-id-v2 Value: s%3ACoW8UMfBUSNUXv9jpxnClmAJ-Sg.RuHCbO5TnBck8%2F2VQKwO41BY2dc9o2BXEYCEIDw8cTg
.srv.stackadapt.com/	1970-01-20 21:41:13	Name: sa-user-id-v2 Value: s%3ACoW8UMfBUSNUXv9jpxnClmAJ-Sg.RuHCbO5TnBck8%2F2VQKwO41BY2dc9o2BXEYCEIDw8cTg
.w55c.net/	1970-01-20 13:38:49	Name: matchpubmatic Value: 5
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_1278 Value: 23329-b05f9972-88ff-4817-a911-8a70eb8251d2&KRTB&23340-b05f9972-88ff-4817-a911-8a70eb8251d2&KRTB&23498-b05f9972-88ff-4817-a911-8a70eb8251d2
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_57 Value: 22776-8780596409763565358&KRTB&23339-8780596409763565358
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_469 Value: 8273-795479323761&KRTB&23428-795479323761
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_377 Value: 6810-6b724462-72fa-46ba-9c10-3c9c030bc1d5&KRTB&22918-6b724462-72fa-46ba-9c10-3c9c030bc1d5&KRTB&22926-6b724462-72fa-46ba-9c10-3c9c030bc1d5&KRTB&23031-6b724462-72fa-46ba-9c10-3c9c030bc1d5
.adgrx.com/	1970-01-20 22:24:25	Name: ADGRX_UID Value: 76962ef6-1758-11ee-af13-5f9bbfc5070b
.simpli.fi/	1970-01-20 21:42:40	Name: suid Value: AD8E4C81138A47AD9B352AC9EEBA7388
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_80 Value: 22987-CAESEN07dI0sDKQr6er-RoanQ_s&KRTB&16514-CAESEN07dI0sDKQr6er-RoanQ_s&KRTB&23025-CAESEN07dI0sDKQr6er-RoanQ_s&KRTB&23386-CAESEN07dI0sDKQr6er-RoanQ_s
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_18 Value: 22947-1783777322866507464
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_153 Value: 1923-TbjUah28jj9Wv9Q3Ge3Abk20j21Wu9Q-H-rVkaGl&KRTB&19420-TbjUah28jj9Wv9Q3Ge3Abk20j21Wu9Q-H-rVkaGl&KRTB&22979-TbjUah28jj9Wv9Q3Ge3Abk20j21Wu9Q-H-rVkaGl&KRTB&23403-TbjUah28jj9Wv9Q3Ge3Abk20j21Wu9Q-H-rVkaGl
.turn.com/	1970-01-20 17:14:49	Name: uid Value: 3039655696692765300
.3lift.com/	1970-01-20 15:05:13	Name: tluid Value: 78751596189103214277
.dotomi.com/	1970-01-20 12:55:37	Name: DotomiTest Value: 1d4186035e70fdd
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_860 Value: 16335-CoW8UMfBUSNUXv9jpxnClmAJ-Sg&KRTB&23334-CoW8UMfBUSNUXv9jpxnClmAJ-Sg&KRTB&23417-CoW8UMfBUSNUXv9jpxnClmAJ-Sg&KRTB&23426-CoW8UMfBUSNUXv9jpxnClmAJ-Sg
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_107 Value: 1471-uid:I321QrfV1QffMY5&KRTB&23421-uid:I321QrfV1QffMY5
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_22 Value: 14911-3039655696692765300&KRTB&23150-3039655696692765300
.ipredictive.com/	1970-01-20 21:41:13	Name: cu Value: dfaa0c26-655b-4adc-9f59-33a4b9ffad62\|1688137921077
.adgrx.com/	1970-01-20 12:57:04	Name: ADGRX_CM_PUBMATIC_BRIDGED Value: 1
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_148 Value: 19421-uid:AD8E4C81138A47AD9B352AC9EEBA7388&KRTB&23489-uid:AD8E4C81138A47AD9B352AC9EEBA7388
.thrtle.com/	1970-01-20 17:43:37	Name: mc Value: eyJpZCI6IjM1ODcwMjVjLTI3Y2MtNGU2Ni05MWYzLTQxOTcxNjAxYTk1OSIsImwiOjE2ODgxMzc5MjEwOTUsInQiOjF9
a.clickcertain.com/	1970-01-20 21:41:13	Name: _ccpx_u Value: 39d15267%2d3492%2d420b%2d8398%2d3dfff23d89c6
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_1003 Value: 22761-76962ef6-1758-11ee-af13-5f9bbfc5070b&KRTB&23275-76962ef6-1758-11ee-af13-5f9bbfc5070b
.sitescout.com/	1970-01-20 21:41:13	Name: ssi Value: e14be83c-1342-4d20-be20-a9e1b58a96ff#1688137921291
.adform.net/	1970-01-20 13:38:49	Name: C Value: 1
.technoratimedia.com/	1970-01-20 12:55:43	Name: tads_uidp_88 Value: 3944853853175584152498
.technoratimedia.com/	1970-01-20 12:55:47	Name: tads_uidp_77 Value: PYPUjY3btY6pj8vfBJHMN8S__aLPSxEtHE4RRHF1UN8
.technoratimedia.com/	1970-01-20 12:55:43	Name: tads_uidp_44 Value: LJIMA5B8-1G-BXB1
.technoratimedia.com/	1970-01-20 12:55:43	Name: tads_uidp_46 Value: 3979656610076561723
.technoratimedia.com/	1970-01-20 12:56:00	Name: tads_uidp_79 Value: 8c89f462-2727-45a8-95f5-8cc78e747c09
.technoratimedia.com/	1970-01-20 12:55:43	Name: tads_uidp_37 Value: c298c91a-e167-33ed-bae8-bc0618d66ae6
.technoratimedia.com/	1970-01-20 12:55:43	Name: tads_uidp_48 Value: 05bd7970-60a3-42e5-b875-ad172b166784
.technoratimedia.com/	1970-01-20 12:55:43	Name: tads_uidp_49 Value: AAAL9WYNZ08ibQNKB7lFAAAAAAA
.technoratimedia.com/	1970-01-20 12:55:43	Name: tads_uidp_7 Value: a06c5228-37d6-4578-8122-ec4397575b57
.technoratimedia.com/	1970-01-20 12:55:43	Name: tads_uidp_80 Value: y-K.pec5ZE2uEA6csKndkU9ram3FnprnXI~A
.technoratimedia.com/	1970-01-20 12:55:43	Name: tads_uidp_82 Value: ZJ7aHmXUKE5NU9JJXZZRMwAA&1228
.technoratimedia.com/	1970-01-20 12:55:43	Name: tads_uidp_50 Value: f7b9bdf9-f81c-4801-99e9-6b1325c1c82c
.technoratimedia.com/	1970-01-20 12:55:43	Name: tads_uidp_61 Value: 212152821793116
.technoratimedia.com/	1970-01-20 12:55:43	Name: tads_uidp_62 Value: 3311337266634625000V10
.technoratimedia.com/	1970-01-20 12:56:00	Name: tads_uidp_64 Value: 6KyqdVAyebkfCzln77EgHOIUiFTvqMas
.technoratimedia.com/	1970-01-20 12:55:43	Name: tads_uidp_76 Value: RX-714366ba-d00f-444e-860f-b65357d78cc5-005
.technoratimedia.com/	1970-01-20 22:31:37	Name: tads_uid Value: A42684DA40694E48B36D7397BF65523E
.technoratimedia.com/	1970-01-20 22:31:37	Name: tads_uid_cd Value: 20230604073159+0000
.technoratimedia.com/	1970-01-20 22:31:37	Name: tads_zora Value: 2
beacon.lynx.cognitivlabs.com/	1970-01-20 21:42:40	Name: ss Value: JcGykouwF1ueOLXMftZ4joPKUfF777INCUQTvUbaah3OeABbcvVaaaiLpWSgimiw8JgkBkxay39ODIiuwcJsug%3D%3D
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_279 Value: 22890-dfaa0c26-655b-4adc-9f59-33a4b9ffad62&KRTB&23011-dfaa0c26-655b-4adc-9f59-33a4b9ffad62&KRTB&23355-dfaa0c26-655b-4adc-9f59-33a4b9ffad62
.analytics.yahoo.com/	1970-01-20 21:41:13	Name: IDSYNC Value: "18z8~2cif:199v~2cif"
.contextweb.com/	1970-01-20 21:34:01	Name: V Value: QyflVYXOxE6e
.contextweb.com/	1970-01-20 21:41:13	Name: pb_rtb_ev Value: 3-1lga\|7dN.0.AAB0x07JPeIAACR4l1I58A
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 56ae9767d1541ecc
.linkedin.com/	1970-01-20 21:41:13	Name: bcookie Value: "v=2&8f8f0cfd-36d4-4c76-8ef4-f9ade78fa4cb"
.linkedin.com/	1970-01-20 12:57:04	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2620:u=1:x=1:i=1688137921:t=1688224321:v=2:sig=AQETDNR2bIVHdkPD8W8prddqUroG-wlG"
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_32 Value: 11175-AAAHTGW7QckwlwNfxmKbAAAAAAA&KRTB&22713-AAAHTGW7QckwlwNfxmKbAAAAAAA&KRTB&22715-AAAHTGW7QckwlwNfxmKbAAAAAAA
.tapad.com/	1970-01-20 14:22:01	Name: TapAd_3WAY_SYNCS Value: 1!4359
.smartadserver.com/	1970-01-20 21:42:40	Name: csync Value: 127:AAB0x07JPeIAACR4l1I58A
.sitescout.com/	1970-01-20 13:38:49	Name: _ssuma Value: eyI0NSI6MTY4ODEzNzkyMTY4MH0
.adform.net/	1970-01-20 14:22:01	Name: uid Value: 6877677253035538772
.a.usbrowserspeed.com/	1970-01-20 21:41:13	Name: tuid Value: 4c784f91-6eca-4b5e-801c-1aca660e9f9e
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_699 Value: 22727-AAB0x07JPeIAACR4l1I58A
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_391 Value: 22924-6877677253035538772&KRTB&23263-6877677253035538772&KRTB&23481-6877677253035538772
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_188 Value: 3189-e14be83c-1342-4d20-be20-a9e1b58a96ff-649ef0c1-5553&KRTB&23418-e14be83c-1342-4d20-be20-a9e1b58a96ff-649ef0c1-5553
.rubiconproject.com/	1970-01-20 21:41:13	Name: audit Value: 1\|qp6NJWF9sBcQPm20kDMjVcnnH/L3JH+geifGcZ0djtJ+xL8LlrcUaMCW9SMWiNOPa+74yA1SWhRCqQ3+tQhlLHMDvubSxZCGo/wuOgk3HZcCHFR+NqN0r5YktDsVwm7CAWuTwP14AwAY5C3R3WTyrUec07PGRryK
.adnxs.com/	1970-01-20 15:05:13	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaNv#r[!@wnfH8K6pQK`!5=E<L5?%Ljk]aPEdpgQe.RmVFbjH8of#tFn@X+9Emg5XMbpRzqF1`b`RaF.>9
.4dex.io/	1970-01-20 14:22:01	Name: uids Value: eyJzeW5jcyI6eyJpbmRleGV4Y2hhbmdlIjoiMjAyMy0wNi0zMFQxNToxMTo1OC44MzYxNDQxMzJaIiwicHVibWF0aWMiOiIyMDIzLTA2LTMwVDE1OjExOjU4LjgzNjEzMTgyMVoiLCJydWJpY29uIjoiMjAyMy0wNi0zMFQxNToxMTo1OC44MzYxMzkzNzZaIiwieWFob28iOiIyMDIzLTA2LTMwVDE1OjExOjU4LjgzNjE0MDQxWiJ9LCJ1aWRzIjp7ImFkYWdpbyI6eyJ1aWQiOiI2YTFlNmMzNi1lNWQwLTQ2ZjAtOGRiOS1kYWViODgxZjYzYTQiLCJleHBpcmVzIjoiMjAyMy0wOC0yOVQxNToxMTo1OC44MzQzODUxM1oifSwiaW5kZXhleGNoYW5nZSI6eyJ1aWQiOiJaSjd3djdNMTZvcElNS01zSUFLNEtBQUFEdlFBQUFBQiIsImV4cGlyZXMiOiIyMDIzLTA4LTI5VDE1OjEyOjAyLjkzNjQyMjYwNVoifSwicHVibWF0aWMiOnsidWlkIjoiQzNBN0ZCMEYtRTExNC00MEM5LTg3QzgtRkE2Qjg0Mzk3NkUyIiwiZXhwaXJlcyI6IjIwMjMtMDgtMjlUMTU6MTI6MDAuOTQxMTg3NDUyWiJ9LCJ5YWhvbyI6eyJ1aWQiOiJ5LU5rR00zcFpFMnVHSkxfUklRQjBOT3ZoTlZwYW1DNDRTelpTeW5RUS1-QSIsImV4cGlyZXMiOiIyMDIzLTA4LTI5VDE1OjEyOjAxLjkyNTc5NTk4M1oifX0sImJkYXkiOiIyMDIzLTA2LTMwVDE1OjExOjU4LjgzNDMyMDAxOVoifQ==
.adsrvr.org/	1970-01-20 21:42:40	Name: TDCPM Value: CAESFQoGY2FzYWxlEgsI1oXOqMzh_DsQBRIXCghwdWJtYXRpYxILCJr45qrM4fw7EAUSFgoHcnViaWNvbhILCObOlK_M4fw7EAUSFAoFdGFwYWQSCwje6IG2zOH8OxAFGAEgASgCMgsIjJ-J8-Lh_DsQBTgBWgd0dnU1ZjJwYAI.
.teads.tv/	1970-01-20 21:39:47	Name: tt_viewer Value: 7ab4f40c-887a-4597-a322-71ad0f92ff25
.impact-ad.jp/	1970-01-20 22:31:37	Name: tuuid_lu Value: 1688137923
y.one.impact-ad.jp/	1970-01-20 22:31:37	Name: cmt Value: !247,6b724462-72fa-46ba-9c10-3c9c030bc1d5,2,459972723,0
.pubmatic.com/	1970-01-20 15:05:13	Name: chkChromeAb67Sec Value: 2
.pubmatic.com/	1970-01-20 12:57:04	Name: pi Value: 158977:3
.pubmatic.com/	1970-01-20 15:05:13	Name: DPSync3 Value: 1688688000%3A248%7C1689292800%3A263_262_201_261_260_259_258
.pubmatic.com/	1970-01-20 15:05:13	Name: SyncRTB3 Value: 1689379200%3A35%7C1690675200%3A224%7C1688688000%3A2_38_15_223%7C1688947200%3A63%7C1689292800%3A56_238_21_71_233_240_234_46_166_176_231_3_249_239_22_8_48_13_214_96_55_7_99_220_5_178_243_165_204_104_54_250%7C1693267200%3A69
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_466 Value: 16530-30c28880-f135-45df-9a1a-123ecbe9d4b2
.linkedin.com/	1970-01-20 15:05:13	Name: li_sugr Value: 3c075d16-6786-4dab-ac65-4e3239e2e267
.bing.com/	1970-01-20 22:17:13	Name: MUID Value: 3CCBC468E91863570BDCD728E81F62CF
.c.bing.com/	1970-01-20 13:05:42	Name: MR Value: 0
.ladsp.com/	1970-01-20 12:55:41	Name: cr Value: 1
.impact-ad.jp/	1970-01-20 13:15:47	Name: psm Value: 0
.jugem.jp/	1970-01-20 22:17:13	Name: cto_bundle Value: WHbMg19tNSUyQjdBQ3kxZTZNQUVnN0dxWnE2MDRGU1h6YVZ1Wm9ZQlY4b0gyTGZ6JTJGY3l0dVFDSUQ3JTJGMWZTN0lVSmRJNHc4REp1JTJGN0l0a01udEVQV1cyM2JWRlFOVmg1Wk9kTDhSc05mMFhVMWo4JTJGaHhralhWJTJGV1ZJSVludVhEenpKcThGZg
.jugem.jp/	1970-01-20 22:17:13	Name: cto_bidid Value: JbtSOl94TzJmQ1VqeWZxJTJGbzUwTHhaQUdMSDdmdSUyQklobnhUc0JPbzR5eU1sMm9IYVQxV2hqM1laTk1CODRxTmJUS00xQ0ZwYzRVNlBtN09IVjUyVVdhbjl0WlElM0QlM0Q
.sportradarserving.com/	1970-01-20 21:41:13	Name: zuuid Value: 4a36156e-1601-4858-ad5c-2547b927dc07
.sportradarserving.com/	1970-01-20 21:41:13	Name: c Value: 1688137923
.sportradarserving.com/	1970-01-20 21:41:13	Name: zuuid_lu Value: 1688137923
.everesttech.net/	1970-01-20 21:41:13	Name: everest_g_v2 Value: g_surferid~ZJ7wwwAVnUBCTwBS
.adgrx.com/	1970-01-20 12:57:04	Name: ADGRX_CM_CASALE_BRIDGED Value: 1
.w55c.net/	1970-01-20 13:38:49	Name: matchcasale Value: 5
.bluekai.com/	1970-01-20 17:19:09	Name: bku Value: ikG991wy7ZxuhsQH
.bluekai.com/	1970-01-20 17:19:09	Name: bkpa Value: KJyWyBNtQi9z9wY7GqFPICBgrIMLEOcWyWOGvcKZ+Mh2gvBt6j8IFXURE26YXcn2d+ZlZb1XCKl8I1/IPCgtopGCKoQBU5LwZ216lDKWFh9yOm0ycJIljFfUUKFqP1Iql0LY2CifRUpKsQELzck68focyJgbzM7DpHAOx8iNYB1XQkuL3W+aS5IYMnAGvzz6DyciPRPNFi2nxtuZpBGnMcKvKnfP1ksjzujpEWKaB8UzvV/5WsopPFW3uJDpkTg1oS3G6AH7JQ7Kth9HnG93aUW5QqzC/ioyqg0PKK8iv/g9Y6sEq0ADi2NtEIlLof6wZ24d9xekkPjN
.sportradarserving.com/	1970-01-20 21:41:13	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 21:41:13	Name: zuuid_k_lu Value: 1688137923
.ctnsnet.com/	1970-01-20 21:41:13	Name: cid_5633627f6a1e40eca58a451f6199a1b2 Value: 1
ads.playground.xyz/	1970-01-20 13:04:10	Name: connect.sid Value: s%3AXro9WwHqqKyFzeulmEB_57yQhgaZghNa.dOXTUPuLIrb0kPZl2z3k%2FyF5h5%2BU7JJMAFuLRP1SgZE
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_1305 Value: 23408-C3A7FB0F-E114-40C9-87C8-FA6B843976E2&KRTB&23413-C3A7FB0F-E114-40C9-87C8-FA6B843976E2&KRTB&23479-C3A7FB0F-E114-40C9-87C8-FA6B843976E2&KRTB&23505-C3A7FB0F-E114-40C9-87C8-FA6B843976E2
.bfmio.com/	1970-01-20 21:41:13	Name: __187_cid Value: C3A7FB0F-E114-40C9-87C8-FA6B843976E2
.bfmio.com/	1970-01-20 21:41:13	Name: __io_cid Value: 3e0caf0401f7588a52a35261f2b542c9782f1f33
.inmobi.com/	1970-01-20 15:05:13	Name: idsp_c Value: d2cc978e-e4b4-4edd-80d9-ad2c4a908504
.kargo.com/	1970-01-20 21:41:13	Name: ktcid Value: 66e29e15-ceb0-002f-59e3-40638fad1919
.tribalfusion.com/	1970-01-20 15:05:13	Name: ANON_ID Value: aCnuBsO5nP87PRo7URbtQQcOfJTZc9wWx1ZcIFLZaCtwIxmZaiQGcYxUwM2tJP2NZdWInNeA7vQnwYYZaZbIiYh2OcwZceZbk9y3qriD7FZakGfFh1YwBo
.1rx.io/	1970-01-20 21:41:13	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b6f24ba6-27de-43b3-9293-bb8625f3db48-005%22%2C%22nxtrdr%22%3Afalse%7D
.ladsp.com/	1970-01-20 22:31:37	Name: smn_uid Value: mL-CQdtsjeS-x7JqGeUMQw-z94WVw-g
.id5-sync.com/	1970-01-20 15:05:13	Name: 3pi Value:
.id5-sync.com/	1970-01-20 15:05:13	Name: id5 Value: 0e14b22a-bba2-7caf-af8b-974622ccc01c#1688137924126#1
.targeting.unrulymedia.com/	1970-01-20 21:41:13	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b6f24ba6-27de-43b3-9293-bb8625f3db48-005%22%7D
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_594 Value: 17105-RX-b6f24ba6-27de-43b3-9293-bb8625f3db48-005&KRTB&17107-RX-b6f24ba6-27de-43b3-9293-bb8625f3db48-005
.owneriq.net/	1970-01-20 13:10:01	Name: p2 Value: pmc
.owneriq.net/	1970-01-20 22:31:37	Name: si Value: Q7414243241464908987P
.owneriq.net/	1970-01-20 13:10:01	Name: pmc Value: 1
.c.appier.net/	1970-01-20 21:41:13	Name: _auid Value: lAEJRVoTA4yK6bW9xPCeZA
.pubmatic.com/	1970-01-20 13:38:49	Name: KRTBCOOKIE_904 Value: 16787-lAEJRVoTA4yK6bW9xPCeZA
.pubmatic.com/	1970-01-20 13:38:49	Name: PugT Value: 1688129756
.pubmatic.com/	1970-01-20 13:38:49	Name: SPugT Value: 1688137925

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://i.loli.net/2020/06/27/z18fckmg62hy9vx.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://img.missvonsmith.sleepingawake.org/20110708_2024250.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: http://crescent-star.jugem.jp/ Message: Access to XMLHttpRequest at 'http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js' from origin 'http://crescent-star.jugem.jp' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= Message: Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2c5df386c7e88bcb2010314c8aeca1b7.safeframe.googlesyndication.com
a.clickcertain.com
a.flux.jp
a.sportradarserving.com
a.tribalfusion.com
a.usbrowserspeed.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.as.amanad.adtdp.com
ad.mrtnsvr.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
api.booklog.jp
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
cdn.indexww.com
cdn.jsdelivr.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
core.iprom.net
corp.rakuten.co.jp
cr-p31.ladsp.com
crb.kargo.com
crescent-star.jugem.jp
csync.loopme.me
d.socdm.com
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
flux-cdn.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.loli.net
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imaging.jugem.jp
img-cdn.jg.jugem.jp
img.missvonsmith.sleepingawake.org
ipac.ctnsnet.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
m.media-amazon.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
matching.truffle.bid
mp.4dex.io
mug.criteo.com
mweb.ck.inmobi.com
p.rfihub.com
pagead2.googlesyndication.com
pb.ladsp.com
penta.a.one.impact-ad.jp
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
r.bidswitch.net
rtb-csync.smartadserver.com
rtb-jp.mediago.io
rtb.adentifi.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sleepingawake.org
ssbsync-us.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync6.im-apps.net
synchroscript.deliveryengine.adswizz.com
syndication.twitter.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.4dex.io
u.openx.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
widget.booklog.jp
www.facebook.com
www.google-analytics.com
www.googletagservices.com
www.ntv.co.jp
x.bidswitch.net
y.one.impact-ad.jp
c.amazon-adsystem.com
csync.loopme.me
img.missvonsmith.sleepingawake.org
pmp.mxptint.net
www.facebook.com
103.132.192.30
104.102.111.7
104.104.111.6
104.18.11.47
104.18.24.185
104.244.42.200
104.36.115.111
107.178.248.96
13.113.171.214
133.237.60.111
141.95.33.111
142.250.64.66
151.101.2.49
157.7.107.75
162.19.138.82
162.248.18.34
162.248.18.37
172.105.199.172
172.217.13.130
173.223.57.84
18.160.181.58
18.160.92.44
18.160.96.104
18.160.96.112
18.160.97.132
185.167.164.37
192.40.39.223
195.5.165.20
198.148.27.140
199.127.204.171
199.38.167.131
20.85.134.6
202.241.208.100
207.198.113.88
216.200.232.249
23.105.12.159
23.105.12.173
23.197.184.175
23.197.184.187
23.217.250.62
23.52.160.7
23.88.86.2
2600:1400:d::1721:eea3
2600:1f18:4e9:5a02:71d0:2e3a:4d87:7371
2600:9000:21fa:2200:18:99a3:d800:93a1
2600:9000:21fa:5a00:1b:5138:8a40:93a1
2600:9000:21fa:8a00:18:99a3:d800:93a1
2600:9000:254a:1000:13:9454:1700:93a1
2600:9000:254a:1a00:1d:8805:bd80:93a1
2600:9000:254a:400:13:9454:1700:93a1
2602:803:c002:200::43
2603:c020:400d:3000:f50:982a:7877:65bd
2606:2800:220:131d:1d30:1f1d:238b:1e56
2606:4700:20::681a:1be
2606:4700:20::681a:832
2606:4700:20::ac43:4bf1
2606:4700::6812:18ad
2606:4700::6812:372
2606:ae80:1451:21::410
2607:f8b0:4004:c1d::9b
2607:f8b0:4020:804::2002
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::200e
2607:f8b0:4020:806::2001
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::2006
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:a021:b886:81cc:55cf
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a04:4e42:400::485
2a04:4e42:600::272
3.214.222.87
3.33.220.150
34.102.163.6
34.102.253.54
34.111.113.62
34.149.40.38
34.150.170.96
34.160.89.38
34.196.240.12
34.197.223.55
34.200.65.202
34.225.41.163
34.230.250.86
34.232.39.3
34.98.64.218
35.153.221.178
35.161.213.5
35.186.193.173
35.211.118.13
35.211.178.172
35.211.233.246
35.213.109.249
35.213.115.3
35.71.139.29
35.75.154.223
44.206.150.230
52.197.128.148
52.202.56.4
52.46.130.91
52.72.194.129
54.145.44.246
54.230.202.56
54.239.33.159
64.202.112.191
68.67.179.113
68.67.181.211
69.173.151.100
69.90.254.78
72.251.229.176
74.119.119.139
74.119.119.150
8.18.47.7
8.28.7.81
8.28.7.83
8.39.36.142
99.81.147.155
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06f3337e32ab9f057cc29ea28c9daa58367afaf90c5d8f344f33cf56de416a03
0a40aba92b614db9dc88adb76e2bbffeaf30212420a67e1a8da456623d89d1c3
0b5992f584c253d4dc931307e5414c2e099fbcacc3191be8681fa3b34e5dce67
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd398ef8e97aa407613f0d98cac2630096569c23495fa46516de00d04b6f674
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0cc248beec8b69f5a104c7566a9d5d0351b8af6384da2913bf7c1462f26416d8
0cef8b01e6f2dcf9e9447a40cad17bfd386a2695859eb124d58c97cbb8a567ae
0de301d1466e7cc63db79b1e7da44aff35b8cf37cd18a8d19b74ce83ddc496b9
119b656d2c68eea6b7d56740ac66ef1d2208ea0ede334fe72cda6e799f00ef24
11c7c1d2ec15c0f4bf2befe5a8929a91d56e46a34a5f549307e782c8f02efc9c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
141d964da28625248496b29546e04c292413ee6af591514bd790eab8c028aa59
17a18f82b0f3f0acc63c10a4e3fbcef6360d4bce4e6ae18052eb2061a354957a
17eedfbd6207c388a4455df3dca137785efc0be264f83985aed475e7e1df1a0c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a1a8b50c565a830d58c855e8a4b3b4d4e0d73cb0a7bce03cc12ea1b066f5f83
1f480aaa5629f3a993181a960bb14b80460209edd6ffe735a825fec0cea213d4
1f840907592a5589e5031ae542349cc646f599371350ab0c61f3d03bc3b1aea0
2101d57740b81ce03f739e91b17575ea937eb6bdfe8313d31f628b7f573f7e83
24b1a39a7bc0cefbf98bdc5c0fc20ac271f076eee072a53492b0262efba18fb2
24f177aba2de297cee5f43384e602f9c17b8d9ddb942c188f774ea00029e4a7e
27b327ccf3d569225955d18ff44def44b5ea61773f4cffdd13b1ef63483281ca
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3069ab9619690cd44d05cbae9946ab0b0e5899929f36604fcfb7bacd25b8d428
311290cfac05b49889169444644caeea9aec5ad3a04ec2f938eee8c3ea99053b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3323b0eb9d4fbf36a032d5f37291c58077f9feceb7dffb7fb5c4a681cc8fd5b2
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3ad364d4a92207e286fdedef87c4ebcf87e2f1053528f89ca48206a49e259afb
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f4937c97a5ed5e1e1cf110efe55754fabad962dce76ea0459d3c01804cd5899
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
40ed6544f8fbd27415b19c458bf043cc143f0d15ad1e5adb175b90c74b9849ad
4286950cc711774cca06e8c6476643fc458f670082a370fa914a22a4b4e01128
43640aa7fa36c819c311bbae8212adc32e8ed3d16c21c45a8609560dc4cf6124
439b43b7234d74128cdb70a2ad0e2528dc19232c0ec7449dd5601069da931484
43adb5676b2c43134634be0dfd9c3ca3007b81ed4499a3ce1df2839d3effe54e
43e2ad610c4eab8496226f8a71dc4ffc651f27c8426f18c2e073dac2102fd73e
4410bbc48ea02642aa505881db6e074bfe77c51cb8cbb0c898eea7c6f5de473e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
480fed0d49491b848ae416d3c96607a3c82b09bbc80bf14f9121a9aa2d3a30ae
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b66323f681852911078decd0438ab581e4587c9f9899ad4aef04ff04318fab0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4b004ecb569471e8b354ea39475e850c8773931c8bdaca87015ef92c3e386b
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5dd37516fd86f25d99f70735f06df6a85ff0b2fe48668b1587c50490bedfe24b
5e58f953a0df1ef7609effed0421e06c945d92752adf548452b8aab1a875ac35
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
63658db51646ac1760810e9bcc9ea7c10a08aa85ee22622004dce984795d80ed
6911a0e7e31a8848c28c75fc5e60ed42a874f4bdeb29712fd43242d25f05ba10
6959a03185cee225609e77585c7740391135f1c9573263450b4f009cd099c833
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd2041394360c069e86d56c01badd656d5a2732bc545d391dfe6b9f59287b42
6cd07b3e8219895dd6d36f9d9dd7fe674dd584ec2a98bbca84e5e51358b66d3f
6dc2e789c5bfb247704b0d1aab9006a3636cc34df648cd39ef1a749a6253f2c3
6f67a6c65335b24e4cefa4f5466110d56890e8c086616c41301af882d609582b
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
74f8eb7d67a652edd85f6135dbd1e34f98fba512937982a8f35d353396598736
7743061bbf45995e1289df0d61544233882d92f4f983090587f446413ca70e8e
7c7e84ab4971ca461ed68d90f939ac8154ce7eef889f72a8235bde07d504c2c5
802dcdd50c71f2f2fc1f72b0af6fb13be6f999fc72ce1abe1707dc7a0ec4032c
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83dd5a9512e50ec30c2a08621826980b7d9a59b2e40e2dfd42235e494eb4f456
853294b1b869fe564d2cd5495489ca53d3ac931c0c1e3937534ed4969f75ca9e
8671e2e2892af14bad70adf230b1015ae89a395b34a276dda286c1ce8d4404db
8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
95bdfd6b0e09d82c645b3d4e4c96121b5a8f9a67b701d7e51c4ac0b33e291c47
97dff70ce6f25f71e2c865ba43585da08c68e66460192b6c0fe0c9b610e98666
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a8049071870d7f1568c4a93ded757a4c90cf45669d03ca2720ca90f872fbe7c
9be520d25af5534792d91ee7e388923e6e5fa6bb189b872f77dda46c87dd5726
9c8dfc8418f7c2ae54a0eca38c5c633ea887b3760f7ebd67a886b08d35fdeb76
9c9916930ee6fe035b06b5ba657247833146bf0d5eefdf625aea95f0c53fe44a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b
a810996e1b9632593734f13a465418280c6fc1ba72f1aff719577192dd47df85
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adf5fb1d90811bfe8d6ab1a3fcbba6966c94215548bfa8217d2ed9644e5dc629
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af6129a7ec26760cb2d5ea83db0f3dc8a3390671631e1f5c695e42933501cc02
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4ca25f992ebe8d663684ec5884478312907d2f9b5c10c1c850f722757667488
b5fa1f902a3c85d0516cd9084b3e015575f71cfad8ebfeeefd307ccc382602ef
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
b8764a733287aa55af9cd28dfaed66d9259c371c3eb6af9b6aa9375d01411940
b8e20a5af47c489fe5618f4aa95d354e47bedde462e494d412d63e65678e306a
ba4924716ed0580ae30f974eebb97421a2c10c1e2cf61e8ad60fcd39d8fbca30
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be877b61f5c44a660b1aa2830a02d2ba80ea4ed494d37820e46ee88bef9a7dd9
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c1014b4de8b60f98acb7d53f1bf6c12e61b493de8542a29ee0361c45b94ace70
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4b52e21da1da0eeeb699c0e0fcba879602d64f76a1e752cee2cbbdebf25643c
c62daba51ca1e0dd58da62cba0699ca30609e175508ab0ec79d0c906a7eb3c7d
cccb6a10e5e6e3d527e3976df7fa398acda77aa00d91f74b02039fe57b49dffc
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1234272bbdbe952ae3dce8a9ce2063cb81f75eab4ccc054f8702cb5e6b71192
d45e3373cd667f5c8106f7620b283775dccaa151e58e003e047a3fb5b9180f58
d4be49a1fb727d8504115ddecec10dba598d4bffb9060b22c5cf8a65c57796d3
d5ae9296b66023df71d2b945a770ff110e9ca1a6bc8fe181584c40a8ecdb3185
d7ba7c80ee7338748b573f9a5b2b8cdc1da818a2d717bbf50445338110d3700c
da49c88bc42d8085f685f8c1e23a901d444697250efe38c9359e40ed2a746781
dcba511aea1b5b912afdc9446df5d4aef131a3b8fac66ae9ce2e2a1be934ff38
de26e1aa9d0eb01758fc47226ac99a9dbf123f53e1b579f959854c9611e10fc3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df021d8a4ce92e8519b4af0693cca3ff3047eee7d9be6bf140a7810324f163a8
e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece
e190b21421e65a542b6a68d96c3254ce3064fcfe078d165321611ebf2c4aeaa6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5026624c5b29b8e398d88b4ce18332e37e2db46704ed34697c4cbbe45683ecd
e56b9c02c24b9f840ef5520a4dc9684582767cb3f75d45d66d39488d8865d65c
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eda2d490429abf32a4411140d973e6eaf7f046454e56ea6a31551eb1ab3b10f3
ee0a493bde0f833f89ca4829404fb166b337e6b39f2607e6aca9461095d98cd1
ee95bfb870051ce531d49f83a7738187f075a7a036e2ca7c68e397bdc348f8db
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0457e2978b1050f0bf7b8e79e1deb1973c8a7a22d330d4eec779bfdacd24e1a
f1ab12e73c6fa61affcedc157eac50eb781da8576aeb5f7509bcc5cfaa2cfc81
f3f8078ecd19b711cbfce00fbaf71e209ebf0d3b8723d99428a3df257c4f6695
f4393200d109c9622f479f2e6916615f25333988e7a7b7600f466b043aff108e
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1
f6ee2e08f2a603226c71cbccf99e2e88fc8af9643092ba1d44251eb5ca2dedf5
fa330f12663cf886150ab30007172b960e2e0fb5201750694d1afdcc5237c449
fa55e2e766c0266f340fc86f346da190d8d073a6857ed65ca3967f7c2ff9aab2
fa83349cf3a8d278f74dcdf4d6fa451596747b7d28e9abefa6a4f700f4e5023c
fe47b38358f1494210196965c28936a136dd03b387024d00c8c7737b460a3a72

crescent-star.jugem.jp Open in urlscan Pro 35.75.154.223 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

422 Requests

72 %HTTPS

28 %IPv6

91 Domains

136 Subdomains

86 IPs

10 Countries

3350 kBTransfer

7727 kBSize

166 Cookies

31 Outgoing links

Redirected requests

422 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 25 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

crescent-star.jugem.jp Open in urlscan Pro
35.75.154.223 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

422
Requests

72 %
HTTPS

28 %
IPv6

91
Domains

136
Subdomains

86
IPs

10
Countries

3350 kB
Transfer

7727 kB
Size

166
Cookies

422 HTTP transactions
25 data transactions